Hide Forgot
This bug is created as a clone of upstream ticket: https://fedorahosted.org/389/ticket/48366 using RFC 4370 proxy auth LDAP control when bound as cn=Directory Manager does not allow ACIs to be evaluated as the proxied identity. We need this to make sure we can consider LDAP ACIs in IPA KDC driver.
RHEL: RHEL 7.3 x86_64 Server DS builds: [pkundal@localhost tickets]$ rpm -qa | grep 389 389-ds-base-libs-1.3.5.10-1.el7.x86_64 389-ds-base-1.3.5.10-1.el7.x86_64 [pkundal@localhost tickets]$ sudo py.test -v ticket48366_test.py ======================== test session starts =============================== platform linux2 -- Python 2.7.5, pytest-2.9.2, py-1.4.31, pluggy-0.3.1 -- /usr/bin/python cachedir: .cache rootdir: /home/pkundal/ds/dirsrvtests/tests/tickets, inifile: collected 4 items ticket48366_test.py::test_ticket48366_init PASSED ticket48366_test.py::test_ticket48366_search_user PASSED ticket48366_test.py::test_ticket48366_search_dm PASSED ticket48366_test.py::test_ticket48366_final PASSED ================= 4 passed in 19.32 seconds =====================================
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2016-2594.html