[Freeipa-devel] [PATCH 0057] Do not use anonymous bind in migration UI.
David Kupka
dkupka at redhat.com
Thu Jul 16 10:16:37 UTC 2015
On 15/07/15 16:04, David Kupka wrote:
> On 15/07/15 15:34, Jan Cholasta wrote:
>> Dne 15.7.2015 v 15:21 David Kupka napsal(a):
>>> https://fedorahosted.org/freeipa/ticket/4953
>>>
>>> To test this patch:
>>>
>>> 1. Migrate users from LDAP or other FreeIPA server
>>> (https://www.freeipa.org/page/Howto/Migration)
>>>
>>> 2. Disable anonymous bind to Directory Server
>>> (https://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/disabling-anon-binds.html)
>>>
>>>
>>>
>>>
>>> 3. Go to FreeIPA migration page (ipa.example.com/ipa/migration/) and
>>> enter name and password of one of the migrated users.
>>>
>>> Without this patch you will get an error page.
>>
>> NACK, you are calling do_bind with wrong arguments.
>>
> Updated patch attached.
>
>
>
With Honza, we've found better solution. Instead of binding to the LDAP
just to get base DN we can instantiate api and use api.env.basedn
variable. In the same time we can use api.anv.ldap_uri instead of
searching filesystem for ldapi socket.
Patch attached.
--
David Kupka
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-dkupka-0057.2-migration-Use-api.env-variables.patch
Type: text/x-patch
Size: 2624 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150716/d44595cf/attachment.bin>
More information about the Freeipa-devel
mailing list