Bug 677467 - preventryusn gets added to entries on a failed delete
Summary: preventryusn gets added to entries on a failed delete
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: 389-ds-base
Version: 6.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Rich Megginson
QA Contact: Chandrasekar Kannan
URL:
Whiteboard:
Depends On: 675265
Blocks: 639035 389_1.2.8 676871
TreeView+ depends on / blocked
 
Reported: 2011-02-14 22:09 UTC by Rich Megginson
Modified: 2015-01-04 23:46 UTC (History)
7 users (show)

Fixed In Version: 389-ds-base-1.2.8-0.3.a3.el6
Doc Type: Bug Fix
Doc Text:
Clone Of: 675265
Environment:
Last Closed: 2011-05-19 12:41:45 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2011:0533 0 normal SHIPPED_LIVE new package: 389-ds-base 2011-05-18 17:57:44 UTC

Comment 2 Amita Sharma 2011-04-14 14:03:13 UTC 
Hi,

Tested this bug, steps are as below :
1. ldapmodify -x -h localhost -p 389 -D "cn=Directory Manager" -w Secret123 <<
EOF
> dn: cn=config
> changetype: modify
> replace: nsslapd-entryusn-global
> nsslapd-entryusn-global: on
> EOF
modifying entry "cn=config"

2.ldapsearch -x -h localhost -p 389 -D "cn=Directory Manager" -w Secret123 -b
"cn=config" | grep -i ENTRYUSN
nsslapd-entryusn-global: on

3. Added one entry :
ldapmodify -x -h localhost -p 1389 -D "cn=Directory Manager" -w Secret123 <<
EOF
dn: uid=amita,ou=people,dc=example,dc=com
changetype: add
objectClass: top
objectClass: person
objectClass: inetorgperson
sn: testkrbuser
cn: kkk testkrbuser
userPassword: redhat
EOF

adding new entry "uid=amita,ou=people,dc=example,dc=com"

4. Added another entry which will be used for deletion -
dn: uid=test11,dc=example,dc=com
mail: test11
uid: test11
givenName: test11
objectClass: top
objectClass: person
objectClass: inetorgperson
objectClass: ntUser
objectClass: inetuser
objectClass: organizationalPerson
sn: test11
cn: rrr test11
ntUserCreateNewAccount: true
ntUserDomainId: test11
ntUserDeleteAccount: true
userPassword:: e1NTSEF9UUdFc29jcEJ6QlZjcG5RaUFrbHgzd3l4MUl2RWZRWXJpVnVaMEE9PQ=
 =
telephoneNumber: 989898191

5. ldapdelete -x -h localhost -p 1389 -D
"uid=amita,ou=people,dc=example,dc=com" -w redhat uid=test11,dc=example,dc=com
ldap_delete: Insufficient access (50)
 additional info: Insufficient 'delete' privilege to delete the entry
'uid=test11,dc=example,dc=com'.

6. ldapsearch -x -h localhost -p 1389 -D "cn=Directory Manager" -w Secret123 -b
"dc=example,dc=com"
# test11, example.com
dn: uid=test11,dc=example,dc=com
mail: test11
uid: test11
givenName: test11
objectClass: top
objectClass: person
objectClass: inetorgperson
objectClass: ntUser
objectClass: inetuser
objectClass: organizationalPerson
sn: test11
cn: rrr test11
ntUserCreateNewAccount: true
ntUserDomainId: test11
ntUserDeleteAccount: true
userPassword:: e1NTSEF9UUdFc29jcEJ6QlZjcG5RaUFrbHgzd3l4MUl2RWZRWXJpVnVaMEE9PQ=
 =
telephoneNumber: 989898191

preventryusn is not added.
Hence bug is tested OK. Marking it as VERIFIED.

-Amita Sharma
Comment 3 errata-xmlrpc 2011-05-19 12:41:45 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2011-0533.html
Note You need to log in before you can comment on or make changes to this bug.