Bug 1252089 - Satellite 6 AD integration - find_by_dn incorrectly splitting a DN string blindly on comma
Satellite 6 AD integration - find_by_dn incorrectly splitting a DN string bli...
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Users & Roles (Show other bugs)
x86_64 Linux
unspecified Severity medium (vote)
: Unspecified
: --
Assigned To: satellite6-bugs
Kedar Bidarkar
: Triaged
Depends On:
  Show dependency treegraph
Reported: 2015-08-10 12:56 EDT by Freddy Wissing
Modified: 2017-09-15 04:27 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2017-09-15 04:27:39 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Comment 1 Freddy Wissing 2015-08-10 13:01:01 EDT
Description of problem:

File /opt/rh/ruby193/root/usr/share/gems/gems/ldap_fluff-0.3.2/lib/ldap_fluff/generic_member_service.rb  has function "find_by_dn" on line 24.  The first split function in this file is incorrectly splitting a DN string blindly on comma.  It is not factoring in that AD frequently uses lastname, firstname as part of the users DN and therefore the CN and base values are being broken out incorrectly.

Version-Release number of selected component (if applicable):

How reproducible:


Steps to Reproduce:

Customer conducts a puts call with some debugging info into this call and receive the following:
[ 2015-07-17 10:09:14.5163 28787/7f102826e700 Pool2/Implementation.cpp:1274 ]: [App 28886 stdout] VER001
dn :CN=Jones\, James E. (FKN),OU=DomainDODUsers,OU=UsersGroups,DC=accounts,DC=root,DC=corp:
Base : James E. (FKN),OU=DomainDODUsers,OU=UsersGroups,DC=accounts,DC=root,DC=corp:
Entry_value :Jones\:
Entry_attr :CN

Actual results:

The initial split gives a DN piece of "DN=Miller"  and an OU structure of " Sean (HPX),OU=blah,OU=boo, etc..."

Expected results:

DN=Miller, Sean (HPX),OU=blah,OU=boo, etc ... 


From customer:  To correct this behavior I had to modify the code from "split on comma" to "split on ',OU=' and then put OU= back on the fromt of the OU portion.

As for the rest, basically, once I implemented this change, it took a while before things started working as expected.
Comment 3 jared jennings 2015-10-08 10:39:39 EDT
A slightly different way of fixing the problem has been integrated into ldap_fluff; see https://github.com/theforeman/ldap_fluff/pull/46.
Comment 4 jared jennings 2015-10-13 11:14:30 EDT
I've verified that the commit in the pull request, https://github.com/jaredjennings/ldap_fluff/commit/183e87be6a6fed658e25099972fdbf7b82046b89, applies cleanly to version 0.3.2, and after application all the tests succeed (including the one added).
Comment 7 Bryan Kearney 2016-07-26 11:25:24 EDT
Moving 6.2 bugs out to sat-backlog.
Comment 8 Bryan Kearney 2016-07-26 11:42:04 EDT
Moving 6.2 bugs out to sat-backlog.
Comment 10 Daniel Lobato Garcia 2017-09-15 04:27:39 EDT
This was fixed back in 2015 by https://github.com/theforeman/ldap_fluff/commit/183e87be6a6fed658e25099972fdbf7b82046b89 - which was released with 6.2. Please reopen if you find the problem again.

Thanks !

Note You need to log in before you can comment on or make changes to this bug.