The admldapBuildInfoCbk() function is supposed to create an LDAP handle. This handle is not getting created since it is attempting to bind as the sie DN, which will always fail. This causes a problem for other functions which require a valid LDAP handle. One of the functions that this causes a problem for in particular is the admldapGetUserDirectoryInfo() function. The admldapGetUserDirectoryInfo function is used to get info about the users and groups directory. This is used at Admin Server startup time as well as by the ugdsconfig CGI that is called by the Admin Server Console. When used by the Console, we need to pass the userdn used to authenticate to the Admin Server through to the Directory Server. This approach does not work for the startup of the Admin Server since there is no userdn set at that time. This is ok since mod_admserv will use cached info if there is no LDAP handle present. The attached diffs address this issue by overriding the sie DN with the userdn when when setting up the LDAP handle. We only override the sie DN if the userdn is initialized.
Created attachment 158620 [details] CVS Diffs
Ok.
Checked into adminutil (HEAD). Thanks for the review Rich! Checking in include/libadminutil/distadm.h; /cvs/dirsec/adminutil/include/libadminutil/distadm.h,v <-- distadm.h new revision: 1.5; previous revision: 1.4 done Checking in lib/libadminutil/admutil.c; /cvs/dirsec/adminutil/lib/libadminutil/admutil.c,v <-- admutil.c new revision: 1.9; previous revision: 1.8 done Checking in lib/libadminutil/distadm.c; /cvs/dirsec/adminutil/lib/libadminutil/distadm.c,v <-- distadm.c new revision: 1.4; previous revision: 1.3 done
adminutil-1.1.3-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.