Bug 1213387 - [aaa][kerbldap] freeIPA 4.x base dn should be obtained using defaultNamingContext
Summary: [aaa][kerbldap] freeIPA 4.x base dn should be obtained using defaultNamingCon...
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine
Version: 3.6.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ovirt-3.6.0-rc
: 3.6.0
Assignee: Martin Perina
QA Contact: Ondra Machacek
Depends On: 1171395
Blocks: oVirt-AAA-LDAP 1196662 1197441 1213772
TreeView+ depends on / blocked
Reported: 2015-04-20 12:58 UTC by akotov
Modified: 2019-06-13 08:25 UTC (History)
18 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of: 1171395
: 1213772 (view as bug list)
Last Closed: 2016-03-09 21:02:47 UTC
oVirt Team: Infra
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2016:0376 normal SHIPPED_LIVE Red Hat Enterprise Virtualization Manager 3.6.0 2016-03-10 01:20:52 UTC
oVirt gerrit 36120 None None None Never
oVirt gerrit 36140 None None None Never

Comment 6 Ondra Machacek 2015-06-22 15:14:51 UTC
Works fine with IPA 4.1.2 in ovirt 3.6.

Btw, I can see that for RHDS it takes the namingContext as well, not defaultNamingContext, worth to fix?

Comment 7 Oved Ourfali 2015-06-22 16:49:21 UTC
Seems so. 

Comment 8 Alon Bar-Lev 2015-06-22 16:56:25 UTC
389 has defaultNamingContext as far as I know.

$ ldapsearch -H ldap://ldap.corp.redhat.com -b '' -s BASE -x -LLL defaultNamingContext
defaultNamingContext: dc=redhat,dc=com

Comment 9 Ondra Machacek 2015-06-22 17:13:49 UTC
Yes, but engine uses namingContext, not defaultNamingContext. So we have same issue as with IPA.

Comment 10 Alon Bar-Lev 2015-06-22 17:18:22 UTC
(In reply to Ondra Machacek from comment #9)
> Yes, but engine uses namingContext, not defaultNamingContext. So we have
> same issue as with IPA.

oh! I thought the other way around.
I truly do not think we should fix this legacy provider any more.
the ipa fix was because of a change in ipa for existing customers.
not my decision though.

Comment 13 errata-xmlrpc 2016-03-09 21:02:47 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.