From a441df090bbcad9aba943a93923b6927ac0ba8a2 Mon Sep 17 00:00:00 2001 From: Thomas Woerner <twoerner@redhat.com> Date: Tue, 26 Mar 2019 11:42:15 +0100 Subject: [PATCH] ipareplica_prepare: Use MIN_DOMAIN_LEVEL instead of DOMAIN_LEVEL_1 in checks With FreeIPA 4.7.0 there is no support for domain level 0 anymore, the check for the minimal domain level should use MIN_DOMAIN_LEVEL instead of DOMAIN_LEVEL_1. --- roles/ipareplica/library/ipareplica_prepare.py | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/ipareplica/library/ipareplica_prepare.py b/roles/ipareplica/library/ipareplica_prepare.py index bfda57f2..9d33ad22 100644 --- a/roles/ipareplica/library/ipareplica_prepare.py +++ b/roles/ipareplica/library/ipareplica_prepare.py @@ -420,17 +420,17 @@ def main(): ansible_log.debug("-- CHECK DOMAIN_LEVEL --") + # Make sure that domain fulfills minimal domain level + # requirement domain_level = current_domain_level(remote_api) check_domain_level_is_supported(domain_level) - if domain_level < constants.DOMAIN_LEVEL_1: - ansible_module.fail_json(msg= - "You used the wrong mechanism to install a replica in " - "domain level {dl}:\n" - "\tFor domain level >= 1 replica installation, first join the " - "domain by running ipa-client-install, then run " - "ipa-replica-install without a replica file." - .format(dl=domain_level) - ) + if domain_level < constants.MIN_DOMAIN_LEVEL: + ansible_module.fail_json( + msg= + "Cannot promote this client to a replica. The domain level " + "must be raised to {mindomainlevel} before the replica can be " + "installed".format( + mindomainlevel=constants.MIN_DOMAIN_LEVEL)) ansible_log.debug("-- CHECK AUTHORIZATION --") -- GitLab