Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 189176

Summary: default ACI on userRoot suffix doesn't match default admin group
Product: [Retired] 389 Reporter: Ulf Weltman <ulf.weltman>
Component: Install/UninstallAssignee: Nathan Kinder <nkinder>
Status: CLOSED CURRENTRELEASE QA Contact: Viktor Ashirov <vashirov>
Severity: medium Docs Contact:
Priority: medium    
Version: 1.0   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-12-07 16:39:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 152373, 208654, 240316    
Attachments:
Description Flags
Attached exported ldif which shows proper ACI none

Description Ulf Weltman 2006-04-17 20:45:54 UTC 
Description of problem:
One of the default ACI on the user suffix is:
aci: (targetattr ="*")(version 3.0;acl "Directory Administrators Group";allow
 (all) (groupdn = "ldap:///ou=Directory Administrators, dc=cup,dc=hp,dc=com")
 ;)

But the DN of the default directory administrators group is "cn=Directory
Administrators, dc=cup,dc=hp,dc=com" so that doesn't match the ACI.  In
ldapserver/ldap/ldif/template.ldif change the "ou" to "cn" in that ACI...

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Nathan Kinder 2006-04-18 17:34:17 UTC 
Checked into HEAD (ldapserver).

Checking in template.ldif;
/cvs/dirsec/ldapserver/ldap/ldif/template.ldif,v  <--  template.ldif
new revision: 1.5; previous revision: 1.4
done

Index: template.ldif
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/ldif/template.ldif,v
retrieving revision 1.4
diff -r1.4 template.ldif
47c47
<  ou=Directory Administrators, %%%SUFFIX%%%");)
---
>  cn=Directory Administrators, %%%SUFFIX%%%");)
Comment 2 Anh Nguyen 2007-12-07 16:20:12 UTC 
Verified.

See attached for the exported ldif file.
Comment 3 Anh Nguyen 2007-12-07 16:20:59 UTC 
Created attachment 281331 [details]
Attached exported ldif which shows proper ACI