Bug 1290101 - proxyauth support does not work when bound as directory manager
Summary: proxyauth support does not work when bound as directory manager
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: 389-ds-base
Version: 7.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Noriko Hosoi
QA Contact: Viktor Ashirov
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-12-09 16:34 UTC by Nathan Kinder
Modified: 2016-11-03 20:38 UTC (History)
3 users (show)

Fixed In Version: 389-ds-base-1.3.5.7-1.el7
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-11-03 20:38:04 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:2594 normal SHIPPED_LIVE Moderate: 389-ds-base security, bug fix, and enhancement update 2016-11-03 12:11:08 UTC

Description Nathan Kinder 2015-12-09 16:34:15 UTC
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/389/ticket/48366

using RFC 4370 proxy auth LDAP control when bound as cn=Directory Manager does not allow ACIs to be evaluated as the proxied identity. We need this to make sure we can consider LDAP ACIs in IPA KDC driver.

Comment 2 Punit Kundal 2016-07-08 11:17:59 UTC
RHEL:
RHEL 7.3 x86_64 Server

DS builds:
[pkundal@localhost tickets]$ rpm -qa | grep 389
389-ds-base-libs-1.3.5.10-1.el7.x86_64
389-ds-base-1.3.5.10-1.el7.x86_64

[pkundal@localhost tickets]$ sudo py.test -v ticket48366_test.py
======================== test session starts ===============================
platform linux2 -- Python 2.7.5, pytest-2.9.2, py-1.4.31, pluggy-0.3.1 -- /usr/bin/python
cachedir: .cache
rootdir: /home/pkundal/ds/dirsrvtests/tests/tickets, inifile:
collected 4 items
 
ticket48366_test.py::test_ticket48366_init PASSED
ticket48366_test.py::test_ticket48366_search_user PASSED
ticket48366_test.py::test_ticket48366_search_dm PASSED
ticket48366_test.py::test_ticket48366_final PASSED
 
================= 4 passed in 19.32 seconds =====================================

Comment 4 errata-xmlrpc 2016-11-03 20:38:04 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2016-2594.html


Note You need to log in before you can comment on or make changes to this bug.