Bug 113415 - ldap schemas conflict
ldap schemas conflict
Status: CLOSED DEFERRED
Product: Fedora
Classification: Fedora
Component: nss_ldap (Show other bugs)
1
All Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On: 121843
Blocks:
  Show dependency treegraph
 
Reported: 2004-01-13 12:58 EST by Petr Krištof
Modified: 2007-11-30 17:10 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-12-09 06:55:28 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Petr Krištof 2004-01-13 12:58:35 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1)
Gecko/20031114

Description of problem:
account objectclass's attribute 'host' was used in previous versions
of RedHat to allow/deny user access to different hosts on network for
users stored in ldap backend.

The openldap schemas was changed in 2.1. Objectclass account is
STRUCTURAL. sambaSAMaccount objectclass is STRUCTURAL too.
So there cannt exist ldap users what can access unix shell
and samba service.
Leaving host attribute empty and not using account objectclass
make result to not be able to select users access to different hosts.

To resolve this issue, you need cooperation of PADL.COM and
openldap.org. Maybe changing account objectclass to structural
will be solution.

This is good example of fact how RedHat linux is ready for enterprise
market.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
.
    

Additional info:
Comment 1 Petr Krištof 2004-04-28 12:15:57 EDT
We can fix it by using ldapns.schema.
So I did set #121843 as blocker.
Comment 2 Petr Krištof 2004-12-09 06:55:28 EST
Objectclass sambaSamAccount is AUXILIARY in samba-3.0.9's samba.schema
from Fedora Core 3, now.
Objectclass account from cosine.schema is not used anymore.
Closing this bug as DEFFERED.

Note You need to log in before you can comment on or make changes to this bug.