[Freeipa-devel] CLDAP Netlogon fixes
Martin Kosek
mkosek at redhat.com
Tue May 28 14:12:38 UTC 2013
On 05/28/2013 02:35 PM, Alexander Bokovoy wrote:
> On Thu, 23 May 2013, Simo Sorce wrote:
>>> > As you can see, incorrect parameters still return empty dn and netlogon
>>> > attributes while Windows Server 2012 returns empty response:
>>> >
>>> > $ ldapsearch -LL -H cldap://altai.ad.lan -b "" -s base
>>> '(&(NtVer=\00\00\00\55\00)(AAC=\00\00\00\00))' netlogon
>>> > version: 1
>>> >
>>> > Yet, since for trusts we care about explicit request with our domain name
>>> _and_ the
>>> > case when DnsDomain is not specified, everything continues to work.
>>> >
>>> > So ACK.
>>>
>>> I can easily avoid returning the empty netlogon field, which is what I
>>> wanted to do.
>>> I'll see if I can also avoid returning the DN.
>>>
>>> Let me try just one more revision.
>>
>> It was a simple fix, attached patches omit LDAP_RES_SERAHC_ENTRY
>> completely as they were supposed to, and only return a
>> LDAP_RES_SEARCH_RESULT record.
> Thanks.
>
> Tested and it works fine.
>
ACK. Pushed to master, ipa-3-1, ipa-3-0.
I will release 3.1.5 soon to Fedora 18 to fix cooperation with realmd.
Martin
More information about the Freeipa-devel
mailing list