Bug 889083

Summary: For modifiersName/internalModifiersName feature, internalModifiersname is not working for DNA plugin
Product: Red Hat Enterprise Linux 6 Reporter: Amita Sharma <amsharma>
Component: 389-ds-baseAssignee: Rich Megginson <rmeggins>
Status: CLOSED ERRATA QA Contact: Sankar Ramalingam <sramling>
Severity: medium Docs Contact:
Priority: low    
Version: 6.4CC: amsharma, jgalipea, nhosoi, nkinder, tlavigne
Target Milestone: rc   
Target Release: 6.4   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: 389-ds-base-1.2.11.15-10.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-02-21 08:21:52 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 895654    

Description Amita Sharma 2012-12-20 07:46:16 UTC 
Description of problem:
For modifiersName/internalModifiersName feature, internalModifiersname is not 

Steps::
=======
The internalModifersname or internalCreatorsname is NOT supposed to be a 
bind DN, like "cn=directory manager", but either the DNA plugin or the 
the ldbm database plugin.

But we are seeing "cn=directory manager" for internalModifersname in DNA plugin.

/usr/lib64/mozldap/ldapsearch -1 -h dhcp201-134.englab.pnq.redhat.com -p 7512 -D "cn=directory manager" -w Secret123 -b uid=amsharma1,dc=example,dc=com objectClass=* internalModifiersname
dn: uid=amsharma1,dc=example,dc=com
internalModifiersname: cn=directory manager

So this is a bug.
Comment 1 RHEL Program Management 2012-12-24 06:47:09 UTC 
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
Comment 4 Nathan Kinder 2013-01-08 18:41:28 UTC 
Upstream ticket:
https://fedorahosted.org/389/ticket/495
Comment 6 Amita Sharma 2013-01-28 12:22:02 UTC 
grep the internalModifiersname in the user entry
/usr/lib64/mozldap/ldapsearch -1 -T -h dell-pe2800-01.rhts.eng.bos.redhat.com -p 8086 -D cn=directory manager -w Secret123 -b cn=Posix User1,dc=example,dc=com objectClass=* internalModifiersname | grep -i cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
internalModifiersname: cn=Distributed Numeric Assignment Plugin,cn=plugins,cn=config
internalModifiersname is plugin DN

cn=ldbm  database,cn=plugins,cn=config is the expected result when a plugin does  not interfere.  Since no plugins add entries, this is the value that  should always be expected for internalCreatorsname.
The internalModifersname and internalCreatorsname are always going to be plugin names.  They will never be bind DN's.
Comment 7 errata-xmlrpc 2013-02-21 08:21:52 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2013-0503.html