[Freeipa-users] 2.1.90 rc1 testing on F17 alpha
Stephen Ingram
sbingram at gmail.com
Mon Mar 12 22:44:09 UTC 2012
On Mon, Mar 12, 2012 at 2:10 PM, Rich Megginson <rmeggins at redhat.com> wrote:
> On 03/12/2012 02:42 PM, Stephen Ingram wrote:
>>
>> On Mon, Mar 12, 2012 at 1:09 PM, Rob Crittenden<rcritten at redhat.com>
>> wrote:
>>
>> ...snip...
>>
>>> Could also be python-ldap, we ran into a schema handling problem already.
>>>
>>> It may be possible to duplicate this from the command line using the
>>> --rights option. This executes the same GER control. I'll have to refresh
>>> my
>>> F-17 install, it is ancient by current standards.
>>>
>>> You could test with something like:
>>>
>>> # ipa user-show --all --rights admin
>>>
>>> If it worked it would include attributelevelrights with a huge list of
>>> values. This represents the rights you have on the various attributes
>>> (read,
>>> write, etc). The UI uses this to determine what it will allow you to
>>> edit.
>>
>> Here is the result:
>>
>> [root at f17a yum.repos.d]# ipa user-show --all --rights admin
>> ipa: ERROR: get-effective-rights: missing subject: Invalid syntax.
>>
>> I would be happy to try the debug flag in python-ldap, but not sure how to
>> do.
>
> I know how to do it hacking the code that uses python-ldap, but I'm not sure
> how to do it without hacking the code.
Can I just change the OPT_DEBUG_LEVEL to 4096 in ipaserver/ipaldap.py
or do I also need to change the settings in each area where an ldap
connection is initiated?
Steve
More information about the Freeipa-users
mailing list