BZ 819111 non-existent container breaks replication

Added code to add the required ou=cmsusers container to cn=config on the master if it does not exist, when replication users are set up.
dogtagpki · May 7, 2012 · 2566d4d · 2566d4d
1 parent f103db3
commit 2566d4d
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 2 deletions.
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java
@@ -1238,7 +1238,27 @@ private void createReplicationManager(LDAPConnection conn, String bindUser, Stri
       throws LDAPException {
         LDAPAttributeSet attrs = null;
         LDAPEntry entry = null;
-        String dn = "cn=" + bindUser + ",ou=csusers,cn=config";
+
+        // for older subsystems, the container ou=csusers, cn=config may not yet exist
+        String dn = "ou=csusers, cn=config";
+        try {
+            attrs = new LDAPAttributeSet();
+            attrs.add(new LDAPAttribute("objectclass", "top"));
+            attrs.add(new LDAPAttribute("objectclass", "organizationalUnit"));
+            attrs.add(new LDAPAttribute("ou", "csusers"));
+            entry = new LDAPEntry(dn, attrs);
+            conn.add(entry);
+        } catch (LDAPException e) {
+            if (e.getLDAPResultCode() == LDAPException.ENTRY_ALREADY_EXISTS) {
+                CMS.debug("createReplicationManager: containing ou already exists");
+            } else {
+                CMS.debug("createReplicationManager: Failed to create containing ou. Exception: "
+                        + e.toString());
+                throw e;
+            }
+        }
+
+        dn = "cn=" + bindUser + ",ou=csusers,cn=config";
         try {
             attrs = new LDAPAttributeSet();
             attrs.add(new LDAPAttribute("objectclass", "top"));

diff --git a/specs/pki-core.spec b/specs/pki-core.spec
@@ -1,6 +1,6 @@
 Name:             pki-core
 Version:          9.0.19
-Release:          3%{?dist}
+Release:          4%{?dist}
 Summary:          Certificate System - PKI Core Components
 URL:              http://pki.fedoraproject.org/
 License:          GPLv2
@@ -749,6 +749,9 @@ fi
 
 
 %changelog
+* Mon May 7 2012 Ade Lee <alee@redhat.com> 9.0.19-4
+- Bugzilla Bug #819111 - non-existent container breaks replication
+
 * Mon Apr 16 2012 Ade Lee <alee@redhat.com> 9.0.19-3
 - Bugzilla Bug #813075 - selinux denial for file size access