This bug is created as a clone of upstream ticket:
During an upgrade from IPA 4.1, when upgrade script attempts to enable KDC proxy by creating an LDAP entry in `cn=KDC,cn=vm,cn=master,cn=ipa,cn=etc,dc=example,dc=com` it fails, because the parent entry does not exist.
This is a regression was introduced by b1a1e104391c84cb9af7b0a7c8748c8652442ddb
2017-05-02T07:11:19Z DEBUG File "/usr/lib/python2.7/site-packages/ipapython/admintool.py", line 172, in execute
return_value = self.run()
File "/usr/lib/python2.7/site-packages/ipaserver/install/ipa_server_upgrade.py", line 46, in run
File "/usr/lib/python2.7/site-packages/ipaserver/install/server/upgrade.py", line 1869, in upgrade
File "/usr/lib/python2.7/site-packages/ipaserver/install/server/upgrade.py", line 1658, in upgrade_configuration
File "/usr/lib/python2.7/site-packages/ipaserver/install/httpinstance.py", line 437, in enable_kdcproxy
'KDC', self.fqdn, [u'kdcProxyEnabled'], self.suffix)
File "/usr/lib/python2.7/site-packages/ipaserver/install/service.py", line 214, in set_service_entry_config
File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 1504, in add_entry
File "/usr/lib64/python2.7/contextlib.py", line 35, in __exit__
self.gen.throw(type, value, traceback)
File "/usr/lib/python2.7/site-packages/ipapython/ipaldap.py", line 966, in error_handler
raise errors.NotFound(reason=arg_desc or 'no such entry')
Not moving to POST, waiting for 4.5 patches
* cdefa3030fba0f9a79f65f91aec84a44795c17f5 python2-ipalib: add missing python dependency
* 1662b0ef2fff6ee002afd99f86b9075a603b6027 installer service: fix typo in service entry
* d10d5066aa60288703f2cf4b1a8dd7ed0aab8842 upgrade: add missing suffix to http instance
Moving to POST.
Tested the bug for IPA upgrade from Rhel 7.1.z to Rhel 7.4 ( ipa 18.104.22.168) and it failed as per the observations listed in BZ#1451804
IPA server version: ipa-server-4.5.0-13.el7.x86_64
Tested the bug with following observations:
1) Verified that upgrade of IPA server to latest version is successful.
2) No errors/ failures are observed during upgrade process.
3) All the basic commands work successfully after upgrade.
4) Verified the same for other upgrade paths:
- RHEL 7.1.z > Rhel 7.4
- RHEL 7.2.z > Rhel 7.4
- RHEL 7.3 > Rhel 7.4
- RHEL 7.3.z > Rhel 7.4
5) For log through UI after upgrade we are unable to login for which a separate bug is logged BZ#1451733
Thus on the basis of above observations, marking status of bug to "VERIFIED"
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.