[Freeipa-devel] [PATCH] 767 fix ipa-nis-manage
Simo Sorce
ssorce at redhat.com
Fri Apr 8 18:36:29 UTC 2011
On Fri, 08 Apr 2011 13:12:22 -0400
Rob Crittenden <rcritten at redhat.com> wrote:
> JR Aquino wrote:
> > Does the limitation of autobind with root mean that all of the
> > tools that use ldapi need to be revisited and turned back to 389?
>
> ipa-host-net-manage and ipa-compat-manage work ok for me with this
> patch applied.
NACK
autobind comes into play only when SASL_EXTERNAL auth is used,
the krb5kdc binds as uid=kdc over ldapi w/o any issue.
If these tools are having a problem with ldapi, it is most probably an
underlying bug in our ldap wrappers, as thyese tools should bind as
Directory Manager using simple auth not doing SASL_EXTERNAL auth.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list