Hide Forgot
Upstream ticket: https://fedorahosted.org/389/ticket/26
Copied from https://fedorahosted.org/389/ticket/26 Steps to verify: 1. install DS (preferably with the admin server and Console) 2. Search nsslapd-defaultnamingcontext in cn=config and defaultnamingcontext in the rootdse. $ ldapsearch -LLLx -h localhost -p <port> -D 'cn=directory manager' -w <pw> -b "cn=config" -s base nsslapd-defaultnamingcontext dn: cn=config nsslapd-defaultnamingcontext: <default suffix (e.g., dc=example,dc=com)> $ ldapsearch -LLLx -h localhost -p <port> -b "" -s base | egrep namingcontext namingContexts: dc=example,dc=com defaultnamingcontext: dc=example,dc=com 3. Add a new suffix "dc=test,dc=com" and verify nsslapd-defaultnamingcontext and defaultnamingcontext are not changed. 4. Remove the new suffix "dc=test,dc=com" and verify nsslapd-defaultnamingcontext and defaultnamingcontext are not changed. 5. Remove the original suffix "dc=example,dc=com" and verify nsslapd-defaultnamingcontext and defaultnamingcontext are both removed. $ ldapsearch -LLLx -h localhost -p <port> -D 'cn=directory manager' -w <pw> -b "cn=config" -s base nsslapd-defaultnamingcontext dn: cn=config nsslapd-defaultnamingcontext: $ ldapsearch -LLLx -h localhost -p <port> -b "" -s base | egrep namingcontext $ 6. Add a new suffix "dc=newtest,dc=com" and verify the new suffix is set to nsslapd-defaultnamingcontext and defaultnamingcontext. $ ldapsearch -LLLx -h localhost -p <port> -D 'cn=directory manager' -w <pw> -b "cn=config" -s base nsslapd-defaultnamingcontext dn: cn=config nsslapd-defaultnamingcontext: dc=newtest,dc=com $ ldapsearch -LLLx -h localhost -p 10389 -b "" -s base | egrep namingcontext namingContexts: dc=newtest,dc=com defaultnamingcontext: dc=newtest,dc=com
QE automation complete for this feature
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause: LDAP clients not configured with a search base attempting to search against the directory server. Consequence: There was no easy way to determine what default search base to use. Change: Added a new attribute to the root DSE (the entry with the empty dn "") called defaultNamingContext. This allows clients to easily discover what search base to use. Result: Clients can query the root DSE for the defaultNamingContext, then use that to search for users, etc.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2012-0813.html