There has been some long standing strangeness around the __configure_sasl_mappings() step in krbinstance.py
I think I tracked it down to the use of the asynchronous variant of the ldap search operation used in that code. I was installing a replica under heavy machine load (a VM on a busy development machine), and it again failed to find and remove entries.
If the server is slow an async request can easily return 0 results on the first try and the code was trying to collect results only once and not checking if all results had actually been returned.
I think this explains both the issues that have been seen with sasl mappings not being properly deleted and some issues with the connection for which a workaround was present in the code.
The code should use a synchronous search request so that all results are properly accounted for and returned.
Proposed patch 0001-Fix-race-condition-in-installation-due-to-use-of-asy.patch
fixed in: 0fbe1f9
Metadata Update from @simo: - Issue assigned to simo - Issue set to the milestone: FreeIPA 2.0 - 2010/12 (FC)
Login to comment on this ticket.