[Freeipa-devel] CLDAP Netlogon fixes
abokovoy at redhat.com
Tue May 28 12:35:51 UTC 2013
On Thu, 23 May 2013, Simo Sorce wrote:
>> > As you can see, incorrect parameters still return empty dn and netlogon
>> > attributes while Windows Server 2012 returns empty response:
>> > $ ldapsearch -LL -H cldap://altai.ad.lan -b "" -s base '(&(NtVer=\00\00\00\55\00)(AAC=\00\00\00\00))' netlogon
>> > version: 1
>> > Yet, since for trusts we care about explicit request with our domain name _and_ the
>> > case when DnsDomain is not specified, everything continues to work.
>> > So ACK.
>> I can easily avoid returning the empty netlogon field, which is what I
>> wanted to do.
>> I'll see if I can also avoid returning the DN.
>> Let me try just one more revision.
>It was a simple fix, attached patches omit LDAP_RES_SERAHC_ENTRY
>completely as they were supposed to, and only return a
Tested and it works fine.
/ Alexander Bokovoy
More information about the Freeipa-devel