1213387 – [aaa][kerbldap] freeIPA 4.x base dn should be obtained using defaultNamingContext

Bug 1213387 - [aaa][kerbldap] freeIPA 4.x base dn should be obtained using defaultNamingContext

Summary: [aaa][kerbldap] freeIPA 4.x base dn should be obtained using defaultNamingCon...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Virtualization Manager
Classification:	Red Hat
Component:	ovirt-engine
Sub Component:
Version:	3.6.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	urgent
Target Milestone:	ovirt-3.6.0-rc
Target Release:	3.6.0
Assignee:	Martin Perina
QA Contact:	Ondra Machacek
Docs Contact:
URL:
Whiteboard:
Depends On:	1171395
Blocks:	oVirt-AAA-LDAP 1196662 1197441 1213772
TreeView+	depends on / blocked

Reported:	2015-04-20 12:58 UTC by akotov
Modified:	2019-06-13 08:25 UTC (History)
CC List:	18 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:	1171395
Clones:	1213772 (view as bug list)
Environment:
Last Closed:	2016-03-09 21:02:47 UTC
oVirt Team:	Infra
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHEA-2016:0376	normal	SHIPPED_LIVE	Red Hat Enterprise Virtualization Manager 3.6.0	2016-03-10 01:20:52 UTC
oVirt gerrit	36120	None	None	None	Never
oVirt gerrit	36140	None	None	None	Never

Comment 6 Ondra Machacek 2015-06-22 15:14:51 UTC

Works fine with IPA 4.1.2 in ovirt 3.6.

Btw, I can see that for RHDS it takes the namingContext as well, not defaultNamingContext, worth to fix?

Comment 7 Oved Ourfali 2015-06-22 16:49:21 UTC

Seems so. 
Alon?

Comment 8 Alon Bar-Lev 2015-06-22 16:56:25 UTC

389 has defaultNamingContext as far as I know.

$ ldapsearch -H ldap://ldap.corp.redhat.com -b '' -s BASE -x -LLL defaultNamingContext
dn:
defaultNamingContext: dc=redhat,dc=com

Comment 9 Ondra Machacek 2015-06-22 17:13:49 UTC

Yes, but engine uses namingContext, not defaultNamingContext. So we have same issue as with IPA.

Comment 10 Alon Bar-Lev 2015-06-22 17:18:22 UTC

(In reply to Ondra Machacek from comment #9)
> Yes, but engine uses namingContext, not defaultNamingContext. So we have
> same issue as with IPA.

oh! I thought the other way around.
I truly do not think we should fix this legacy provider any more.
the ipa fix was because of a change in ipa for existing customers.
not my decision though.

Comment 13 errata-xmlrpc 2016-03-09 21:02:47 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-0376.html

Note You need to log in before you can comment on or make changes to this bug.