[Freeipa-devel] CLDAP Netlogon fixes
Alexander Bokovoy
abokovoy at redhat.com
Tue May 28 12:35:51 UTC 2013
On Thu, 23 May 2013, Simo Sorce wrote:
>> > As you can see, incorrect parameters still return empty dn and netlogon
>> > attributes while Windows Server 2012 returns empty response:
>> >
>> > $ ldapsearch -LL -H cldap://altai.ad.lan -b "" -s base '(&(NtVer=\00\00\00\55\00)(AAC=\00\00\00\00))' netlogon
>> > version: 1
>> >
>> > Yet, since for trusts we care about explicit request with our domain name _and_ the
>> > case when DnsDomain is not specified, everything continues to work.
>> >
>> > So ACK.
>>
>> I can easily avoid returning the empty netlogon field, which is what I
>> wanted to do.
>> I'll see if I can also avoid returning the DN.
>>
>> Let me try just one more revision.
>
>It was a simple fix, attached patches omit LDAP_RES_SERAHC_ENTRY
>completely as they were supposed to, and only return a
>LDAP_RES_SEARCH_RESULT record.
Thanks.
Tested and it works fine.
--
/ Alexander Bokovoy
More information about the Freeipa-devel
mailing list