Bug 1266206

Summary: Allow PRE_BIND plugins to mangle DNs
Product: Red Hat Enterprise Linux 7 Reporter: Noriko Hosoi <nhosoi>
Component: 389-ds-baseAssignee: wibrown <wibrown>
Status: CLOSED ERRATA QA Contact: Viktor Ashirov <vashirov>
Severity: low Docs Contact:
Priority: low    
Version: 7.0CC: mreynolds, nkinder, rmeggins, spichugi
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 389-ds-base-1.3.6.1-3.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-08-01 21:10:21 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Noriko Hosoi 2015-09-24 19:02:45 UTC 
In some cases it is very useful to allow a plugin to change the target_dn before the bind credentials are checked, this allows to implement things like virtual trees with different based DNs that use the original entry for bind purposes, or allow non standard identifiers to be translated into the proper DN directly by a plugin.

Note: need to validate DN after bind pre-op plug-in is called.
Comment 1 Noriko Hosoi 2016-11-07 20:30:50 UTC 
Setting the status of this to POST since the upstream ticket 48272 is already closed with fixed.

Please reset it if it is not correct.
Comment 3 Simon Pichugin 2017-05-31 17:28:06 UTC 
Automated test case can be found at dirsrvtests/tests/tickets/ticket48272_test.py:

===================== test session starts =====================
platform linux2 -- Python 2.7.5, pytest-3.1.1, py-1.4.33, pluggy-0.4.0 -- /usr/bin/python
cachedir: .cache
metadata: {'Python': '2.7.5', 'Platform': 'Linux-3.10.0-671.el7.x86_64-x86_64-with-redhat-7.4-Maipo', 'Packages': {'py': '1.4.33', 'pytest': '3.1.1', 'pluggy': '0.4.0'}, 'Plugins': {'beakerlib': '0.7.1', 'html': '1.14.2', 'cov': '2.5.1', 'metadata': '1.5.0'}}
DS build: 1.3.6.1
389-ds-base: 1.3.6.1-15.el7
nss: 3.28.4-8.el7
nspr: 4.13.1-1.0.el7_3
openldap: 2.4.44-4.el7
svrcore: 4.1.3-2.el7

rootdir: /export/tests, inifile:
plugins: metadata-1.5.0, html-1.14.2, cov-2.5.1, beakerlib-0.7.1
collected 1 items

tickets/ticket48272_test.py::test_ticket48272 PASSED

===================== 1 passed in 8.64 seconds =====================

Marking as verified.
Comment 4 errata-xmlrpc 2017-08-01 21:10:21 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2086