[Freeipa-devel] [PATCH] 890 OTP client enrollment with anonymous disabled
Martin Kosek
mkosek at redhat.com
Wed Oct 12 15:09:42 UTC 2011
On Tue, 2011-10-11 at 17:40 -0400, Rob Crittenden wrote:
> Fix OTP client enrollment when anonymous searches are disabled in 389-ds.
>
> This is fixed mostly by passing in the basedn to ipa-join so we don't
> have to hunt for it. I did modify that routine so it will look through
> all naming contexts to find the IPA one but this will fail if anonymous
> searches are not allowed.
>
> I fixed a couple of minor memory leaks too (valgrind still reports
> several but they are out of our control).
>
> This should be tested both with a OTP host and using an authorized user.
>
> rob
Hmm, works fine. Good job there. I tested all four cases -
password/kerberos join on LDAP server with anonymous binds
allowed/disallowed. ipa-join was always successful.
ACK. Please, just fix one whitespace error before pushing:
$ git apply ~/freeipa-rcrit-890-client.patch
/home/mkosek/freeipa-rcrit-890-client.patch:87: trailing whitespace.
Martin
More information about the Freeipa-devel
mailing list