[Freeipa-devel] [PATCHES] 0473-0477 Managed permission updater, part 1
Martin Kosek
mkosek at redhat.com
Fri Feb 28 13:12:33 UTC 2014
On 02/26/2014 10:44 AM, Petr Viktorin wrote:
> Hello,
> Here are a few fixes/improvements, and the first part of a managed permission
> updater.
>
> The patches should go in this order but don't need to be ACKed/pushed all at once.
>
>
> Design:
> http://www.freeipa.org/page/V3/Managed_Read_permissions#Default_Permission_Updater
> Part of the work for: https://fedorahosted.org/freeipa/ticket/3566
>
>
> This part is a "preview" of sorts, to get the basic mechanism and the metadata
> format reviewed before I add all of the default read permissions.
> It implements the first section of "Default Permission Updater" in the design;
> "Replacing legacy default permissions" and "Removing the global anonymous read
> ACI" is left for later.
> Metadata is added for the netgroup plugin* for starters, so installing this
> will give you two shiny new read permissions:
>
> $ ipa permission-find ipa: --all
> ---------------------
> 2 permissions matched
> ---------------------
> dn: cn=ipa:Read Netgroup Membership,cn=permissions,cn=pbac,$SUFFIX
> Permission name: ipa:Read Netgroup Membership
> Permissions: read, compare, search
> Effective attributes: externalhost, member, memberof, memberuser
> Default attributes: member, memberof, memberuser, externalhost
> Bind rule type: all
> Subtree: cn=ng,cn=alt,$SUFFIX
> Target filter: (objectclass=ipanisnetgroup)
> Type: netgroup
> ipapermissiontype: V2, MANAGED, SYSTEM
> objectclass: ipapermission, groupofnames, top, ipapermissionv2
>
> dn: cn=ipa:Read Netgroups,cn=permissions,cn=pbac,$SUFFIX
> Permission name: ipa:Read Netgroups
> Permissions: read, compare, search
> Effective attributes: cn, description, hostcategory, ipaenabledflag,
> ipauniqueid, nisdomainname, usercategory
> Default attributes: cn, usercategory, hostcategory, ipauniqueid,
> ipaenabledflag, nisdomainname, description
> Bind rule type: all
> Subtree: cn=ng,cn=alt,$SUFFIX
> Target filter: (objectclass=ipanisnetgroup)
> Type: netgroup
> ipapermissiontype: V2, MANAGED, SYSTEM
> objectclass: ipapermission, groupofnames, top, ipapermissionv2
> ----------------------------
> Number of entries returned 2
> ----------------------------
>
> with corresponding ACIs at cn=ng,cn=alt,$SUFFIX:
>
> (targetattr = "externalhost || member || memberof || memberuser")(targetfilter
> = "(objectclass=ipanisnetgroup)")(version 3.0;acl "permission:ipa:Read Netgroup
> Membership";allow (read,compare,search) userdn = "ldap:///all";)
> (targetattr = "cn || description || hostcategory || ipaenabledflag ||
> ipauniqueid || nisdomainname || usercategory")(targetfilter =
> "(objectclass=ipanisnetgroup)")(version 3.0;acl "permission:ipa:Read
> Netgroups";allow (read,compare,search) userdn = "ldap:///all";)
>
>
>
> Patches:
>
> 0473: Enables refactoring that will make it more clear (to humans and machines)
> what plugins code depends on.
> https://fedorahosted.org/freeipa/ticket/4185
>
> 0474: Fix handling of the search term for legacy permissions
> My code that's in master now handles the search term incorrectly. This does a
> better job.
>
> 0475: Fix tests that relied on some assumptions I'll be breaking
>
> 0476: Allow modifying (but not creating) permissions with ":" in the name
>
> 0477: Permission updater & sample metadata
>
1) 476: Typo in test name:
+ desc='Search fo rnonexisting permission with ":" in the name',
2) 477: do we want to log anything when permission is up to date?
+ try:
+ ldap.update_entry(entry)
+ except errors.EmptyModlist:
+ return
3) I am not sure if this was initiated by this patch, but when I checked access
log for a "permission-find --name ipa" operation, it produced over 170 LDAP
operations, most of them asking for the same information many times. See
attached access log excerpt.
4) I have been quite resilient to the prefixes for the permissions, but it
seems it is the easier possible approach to fix conflicts with user permissions
without having to check that later for every upgrade or doing more complex
stuff like multiple RDNs or different container for system and user permissions.
I am now just thinking about the prefixing. Now you use this name:
ipa:Read Netgroups
Would it be "nicer" to use:
IPA:Read Netgroups
or
IPA: Read Netgroups
or even
[IPA] Read Netgroups
? :-)
5) Are we sure we want to make our code Python 2.7 dependent?
+ 'ipapermright': {'read', 'search', 'compare'},
I did not test if we do not require some python 2.7 feature elsewhere already,
but this construct raised a warning for me.
Otherwise the patches seemed to work fine. I also tried to play with the global
ACI blacklist blacklisting and it worked as well, when I for example added
userpassword to netgroup managed_permissions.
Martin
-------------- next part --------------
[28/Feb/2014:10:55:29 +0100] conn=24 op=0 BIND dn="" method=sasl version=3 mech=GSSAPI
[28/Feb/2014:10:55:29 +0100] conn=4 op=135 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:29 +0100] conn=24 op=0 RESULT err=14 tag=97 nentries=0 etime=0, SASL bind in progress
[28/Feb/2014:10:55:30 +0100] conn=24 op=1 BIND dn="" method=sasl version=3 mech=GSSAPI
[28/Feb/2014:10:55:30 +0100] conn=24 op=2 BIND dn="" method=sasl version=3 mech=GSSAPI
[28/Feb/2014:10:55:30 +0100] conn=24 op=1 RESULT err=14 tag=97 nentries=0 etime=0, SASL bind in progress
[28/Feb/2014:10:55:30 +0100] conn=24 op=3 SRCH base="cn=ipaconfig,cn=etc,dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs=ALL
[28/Feb/2014:10:55:30 +0100] conn=24 op=2 RESULT err=0 tag=97 nentries=0 etime=0 dn="uid=admin,cn=users,cn=accounts,dc=example,dc=com"
[28/Feb/2014:10:55:30 +0100] conn=24 op=3 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:30 +0100] conn=24 op=4 SRCH base="cn=permissions,cn=pbac,dc=example,dc=com" scope=1 filter="(&(|(ipaPermRight=*ipa:*)(ipaPermTargetFilter=*ipa:*)(ipaPermBindRuleType=*ipa:*)(ipaPermissionType=*ipa:*)(cn=*ipa:*)(objectClass=*ipa:*)(memberOf=*ipa:*)(member=*ipa:*)(ipaPermTarget=*ipa:*)(memberindirect=*ipa:*)(ipaPermDefaultAttr=*ipa:*)(ipaPermLocation=*ipa:*)(ipaPermIncludedAttr=*ipa:*)(ipaPermExcludedAttr=*ipa:*))(&(objectClass=groupofnames)(objectClass=ipapermission)(objectClass=ipapermissionv2)))" attrs="ipaPermRight ipaPermTargetFilter ipaPermBindRuleType ipaPermissionType cn objectClass memberOf member ipaPermTarget ipaPermDefaultAttr ipaPermLocation ipaPermIncludedAttr ipaPermExcludedAttr"
[28/Feb/2014:10:55:30 +0100] conn=24 op=4 RESULT err=0 tag=101 nentries=2 etime=0 notes=U
[28/Feb/2014:10:55:30 +0100] conn=24 op=5 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=ipa:Read Netgroup Membership,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=5 RESULT err=0 tag=101 nentries=0 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=6 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=ipa:Read Netgroups,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=6 RESULT err=0 tag=101 nentries=0 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=7 SRCH base="cn=permissions,cn=pbac,dc=example,dc=com" scope=2 filter="(&(objectClass=ipaPermission)(!(ipaPermissionType=V2)))" attrs="ipaPermRight ipaPermTargetFilter ipaPermBindRuleType ipaPermissionType cn objectClass memberOf member ipaPermTarget memberindirect ipaPermDefaultAttr ipaPermLocation ipaPermIncludedAttr ipaPermExcludedAttr"
[28/Feb/2014:10:55:30 +0100] conn=24 op=7 RESULT err=0 tag=101 nentries=85 etime=0 notes=U
[28/Feb/2014:10:55:30 +0100] conn=24 op=8 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Users,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=8 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=9 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Change a user password,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=9 RESULT err=0 tag=101 nentries=4 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=10 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add user to default group,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=10 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=11 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Unlock user accounts,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=11 RESULT err=0 tag=101 nentries=4 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=12 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Remove Users,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=12 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=13 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Users,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=13 RESULT err=0 tag=101 nentries=4 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=14 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Manage User SSH Public Keys,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=14 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=15 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Groups,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=15 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=16 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Remove Groups,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=16 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=17 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Groups,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=17 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=18 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Group membership,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=18 RESULT err=0 tag=101 nentries=4 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=19 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Hosts,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=19 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=20 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Remove Hosts,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=20 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=21 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Hosts,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=21 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=22 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Manage Host SSH Public Keys,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=22 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=23 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Hostgroups,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=23 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=24 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Remove Hostgroups,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=24 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=25 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Hostgroups,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=25 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=26 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Hostgroup membership,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=26 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=27 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Services,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=27 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=28 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Remove Services,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=28 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=29 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Services,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=29 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=30 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Roles,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=30 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=31 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Remove Roles,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=31 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=32 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Roles,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=32 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=33 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Role membership,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=33 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=34 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify privilege membership,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=34 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=35 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Automount maps,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=35 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=36 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Remove Automount maps,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=36 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=37 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Automount maps,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=37 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=38 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Automount keys,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=38 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=39 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Automount keys,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=39 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=40 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Remove Automount keys,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=40 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=41 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add netgroups,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=41 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=42 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Remove netgroups,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=42 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=43 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify netgroups,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=43 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=44 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify netgroup membership,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=44 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=45 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Manage host keytab,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=45 RESULT err=0 tag=101 nentries=5 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=46 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Manage service keytab,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=46 RESULT err=0 tag=101 nentries=4 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=47 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Enroll a host,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=47 RESULT err=0 tag=101 nentries=5 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=48 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Replication Agreements,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=48 RESULT err=0 tag=101 nentries=4 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=49 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Replication Agreements,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=49 RESULT err=0 tag=101 nentries=4 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=50 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Remove Replication Agreements,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=50 RESULT err=0 tag=101 nentries=4 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=51 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify DNA Range,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=51 RESULT err=0 tag=101 nentries=4 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=52 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Retrieve Certificates from the CA,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=52 RESULT err=0 tag=101 nentries=3 etime=0 notes=P
[28/Feb/2014:10:55:30 +0100] conn=24 op=53 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Request Certificate,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:30 +0100] conn=24 op=53 RESULT err=0 tag=101 nentries=1 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=54 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Request Certificates from a different host,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=54 RESULT err=0 tag=101 nentries=1 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=55 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Get Certificates status from the CA,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=55 RESULT err=0 tag=101 nentries=1 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=56 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Revoke Certificate,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=56 RESULT err=0 tag=101 nentries=3 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=57 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Certificate Remove Hold,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=57 RESULT err=0 tag=101 nentries=1 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=58 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify HBAC rule,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=58 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=59 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Group Password Policy costemplate,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=59 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=60 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Manage HBAC service group membership,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=60 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=61 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Delete HBAC services,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=61 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=62 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Group Password Policy,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=62 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=63 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Sudo rule,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=63 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=64 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Write IPA Configuration,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=64 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=65 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Delete Group Password Policy,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=65 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=66 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Group Password Policy,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=66 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=67 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add SELinux User Maps,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=67 RESULT err=0 tag=101 nentries=1 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=68 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Delete HBAC service groups,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=68 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=69 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Sudo command,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=69 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=70 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Sudo command group,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=70 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=71 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Automember Rebuild Membership Task,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=71 RESULT err=0 tag=101 nentries=1 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=72 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Delete HBAC rule,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=72 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=73 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Manage Sudo command group membership,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=73 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=74 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Sudo command,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=74 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=75 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Manage HBAC rule membership,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=75 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=76 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add krbPrincipalName to a host,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=76 RESULT err=0 tag=101 nentries=5 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=77 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add HBAC rule,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=77 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=78 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify SELinux User Maps,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=78 RESULT err=0 tag=101 nentries=1 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=79 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add HBAC service groups,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=79 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=80 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Delete Sudo rule,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=80 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=81 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Modify Group Password Policy costemplate,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=81 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=82 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Delete Sudo command group,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=82 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=83 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Delete Group Password Policy costemplate,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=83 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=84 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add Sudo rule,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=84 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=85 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Add HBAC services,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=85 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=86 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Delete Sudo command,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=86 RESULT err=0 tag=101 nentries=2 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=87 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Remove SELinux User Maps,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=87 RESULT err=0 tag=101 nentries=1 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=88 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=add dns entries,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=88 RESULT err=0 tag=101 nentries=3 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=89 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=remove dns entries,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=89 RESULT err=0 tag=101 nentries=3 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=90 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=update dns entries,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=90 RESULT err=0 tag=101 nentries=3 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=91 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Read DNS Entries,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=91 RESULT err=0 tag=101 nentries=3 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=92 SRCH base="dc=example,dc=com" scope=2 filter="(memberOf=cn=Write DNS Configuration,cn=permissions,cn=pbac,dc=example,dc=com)" attrs="member"
[28/Feb/2014:10:55:31 +0100] conn=24 op=92 RESULT err=0 tag=101 nentries=3 etime=0 notes=P
[28/Feb/2014:10:55:31 +0100] conn=24 op=93 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=93 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=94 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=94 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=95 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=95 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=96 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=96 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=97 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=97 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=98 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=98 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=99 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=99 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=100 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=100 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=101 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=101 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=102 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=102 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=103 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=103 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=104 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=104 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=105 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=105 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=106 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=106 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=107 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=107 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=108 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=108 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=109 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=109 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=110 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=110 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=111 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=111 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=112 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=112 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=113 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=113 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=114 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=114 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=115 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=115 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=116 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=116 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=117 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=117 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=118 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=118 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=119 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=119 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=120 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=120 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=121 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=121 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=122 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=122 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=123 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=123 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=124 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=124 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=125 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=125 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:31 +0100] conn=24 op=126 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:31 +0100] conn=24 op=126 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=127 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=127 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=128 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=128 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=129 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=129 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=130 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=130 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=131 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=131 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=132 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=132 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=133 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=133 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=134 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=134 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=135 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=135 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=136 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=136 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=137 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=137 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=138 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=138 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=139 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=139 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=140 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=140 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=141 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=141 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=142 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=142 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=143 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=143 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=144 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=144 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=145 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=145 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=146 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=146 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=147 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=147 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=148 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=148 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=149 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=149 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=150 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=150 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=151 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=151 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=152 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=152 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=153 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=153 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=154 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=154 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=155 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=155 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=156 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=156 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=157 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=157 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=158 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=158 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=159 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=159 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=160 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=160 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=161 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=161 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=162 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=162 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=163 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=163 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=164 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=164 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=165 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=165 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:32 +0100] conn=24 op=166 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:32 +0100] conn=24 op=166 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:33 +0100] conn=24 op=167 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:33 +0100] conn=24 op=167 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:33 +0100] conn=24 op=168 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:33 +0100] conn=24 op=168 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:33 +0100] conn=24 op=169 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:33 +0100] conn=24 op=169 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:33 +0100] conn=24 op=170 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:33 +0100] conn=24 op=170 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:33 +0100] conn=24 op=171 SRCH base="dc=example,dc=com" scope=0 filter="(objectClass=*)" attrs="aci"
[28/Feb/2014:10:55:33 +0100] conn=24 op=171 RESULT err=0 tag=101 nentries=1 etime=0
[28/Feb/2014:10:55:33 +0100] conn=24 op=172 UNBIND
[28/Feb/2014:10:55:33 +0100] conn=24 op=172 fd=78 closed - U1
More information about the Freeipa-devel
mailing list