Bug 821542 - letters in object's cn get converted to lowercase when renaming object
Summary: letters in object's cn get converted to lowercase when renaming object
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: 389-ds-base
Version: 6.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Rich Megginson
QA Contact: IDM QE LIST
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-05-14 21:08 UTC by Noriko Hosoi
Modified: 2012-06-20 07:15 UTC (History)
4 users (show)

Fixed In Version: 389-ds-base.1.2.10.2-12.el6
Doc Type: Bug Fix
Doc Text:
Cause: DN is internally normalized and the case information was dropped. Consequence: Renaming a string in DN with the same string having different lower/uppercase dropped the case changes. Fix: Fixed to keep the upper/lowercase info in the DN. Result: Replacing only the cases in DN is now available.
Clone Of:
Environment:
Last Closed: 2012-06-20 07:15:41 UTC
Target Upstream Version:


Attachments (Terms of Use)
git patch file (389-ds-base-1.2.10) (14.51 KB, patch)
2012-05-14 21:18 UTC, Noriko Hosoi
no flags Details | Diff


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2012:0813 normal SHIPPED_LIVE Low: 389-ds-base security, bug fix, and enhancement update 2012-06-19 19:29:15 UTC

Description Noriko Hosoi 2012-05-14 21:08:27 UTC
This bug is created as a clone of upstream ticket:
https://fedorahosted.org/389/ticket/338


When renaming object, all letters in its CN get converted into lower case.

corresponding ticket in FreeIPA: [https://fedorahosted.org/freeipa/ticket/2620 https://fedorahosted.org/freeipa/ticket/2620]

{{{
ldapsearch -x -D "cn=directory manager" -w baconbacon -b "cn=permissions,cn=pbac,dc=idm,dc=lab,dc=bos,dc=redhat,dc=com" cn=permission1


# extended LDIF
#
# LDAPv3
# base <cn=permissions,cn=pbac,dc=idm,dc=lab,dc=bos,dc=redhat,dc=com> with scope subtree
# filter: cn=permission1
# requesting: ALL
#

# Permission1, permissions, pbac, idm.lab.bos.redhat.com
dn: cn=Permission1,cn=permissions,cn=pbac,dc=idm,dc=lab,dc=bos,dc=redhat,dc=co
 m
objectClass: groupofnames
objectClass: ipapermission
objectClass: top
cn: Permission1

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

======================================================================================================

rdn.txt:

cn=Permission1,cn=permissions,cn=pbac,dc=idm,dc=lab,dc=bos,dc=redhat,dc=com
cn=Permission2

===========================================

ldapmodrdn -x -w baconbacon -D "cn=directory manager" -r -v -f rdn.txt

ldap_initialize( <DEFAULT> )
Renaming "cn=Permission1,cn=permissions,cn=pbac,dc=idm,dc=lab,dc=bos,dc=redhat,dc=com"
	new rdn="cn=Permission2" (delete old rdn)
Rename Result: Success (0)

===========================================

ldapsearch -x -D "cn=directory manager" -w baconbacon -b "cn=permissions,cn=pbac,dc=idm,dc=lab,dc=bos,dc=redhat,dc=com" cn=permission2

# extended LDIF
#
# LDAPv3
# base <cn=permissions,cn=pbac,dc=idm,dc=lab,dc=bos,dc=redhat,dc=com> with scope subtree
# filter: cn=permission2
# requesting: ALL
#

# permission2, permissions, pbac, idm.lab.bos.redhat.com
dn: cn=permission2,cn=permissions,cn=pbac,dc=idm,dc=lab,dc=bos,dc=redhat,dc=co
 m
objectClass: groupofnames
objectClass: ipapermission
objectClass: top
cn: permission2

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
}}}

Comment 2 Noriko Hosoi 2012-05-14 21:18:00 UTC
Created attachment 584480 [details]
git patch file (389-ds-base-1.2.10)

Back ported from master.
(Ported from commit 178fe6a74c793b3c6adc71f571bba40a6271325c)

Comment 6 Amita Sharma 2012-05-22 07:13:20 UTC
1. ldapadd -x -h localhost -p 389 -D "cn=Directory Manager" -w Secret123  << EOF
dn: cn=AMITA,ou=people,dc=example,dc=com
cn: AMITA
sn: ams
givenname: ams
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
uid: ams
mail: ams@example.com
userpassword: amsamsams
EOF

2. [root@dhcp201-194 ~]# ldapsearch -x -h localhost -p 389 -D "cn=Directory Manager" -w Secret123 -b "cn=AMITA,ou=people,dc=example,dc=com"
# extended LDIF
#
# LDAPv3
# base <cn=AMITA,ou=people,dc=example,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# AMITA, People, example.com
dn: cn=AMITA,ou=People,dc=example,dc=com
cn: AMITA
sn: ams
givenName: ams
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: ams
mail: ams@example.com
userPassword:: e1NTSEF9R21HTTRHNVRWYWxSbjI3MFp5VkkxSlBxNE5CMzUvOXMrQ0V5MUE9PQ=
 =

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

3. [root@dhcp201-194 export]# cat rdn.txt 
cn=AMITA,ou=people,dc=example,dc=com
cn=SHARMA

4. ldapmodrdn -x -w Secret123 -D "cn=directory manager" -r -v -f rdn.txt
[root@dhcp201-194 export]# ldapmodrdn -x -w Secret123 -D "cn=directory manager" -r -v -f rdn.txt
ldap_initialize( <DEFAULT> )
Renaming "cn=AMITA,ou=people,dc=example,dc=com"
	new rdn="cn=SHARMA" (delete old rdn)
Rename Result: Success (0)

5. ldapsearch -x -h localhost -p 389 -D "cn=Directory Manager" -w Secret123 -b "ou=people,dc=example,dc=com"
# SHARMA, People, example.com
dn: cn=SHARMA,ou=People,dc=example,dc=com
sn: ams
givenName: ams
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
uid: ams
mail: ams@example.com
userPassword:: e1NTSEF9R21HTTRHNVRWYWxSbjI3MFp5VkkxSlBxNE5CMzUvOXMrQ0V5MUE9PQ=
 =
cn: SHARMA

HENCE VERIFIED.

Comment 7 Noriko Hosoi 2012-05-25 01:04:26 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause: DN is internally normalized and the case information was dropped.
Consequence: Renaming a string in DN with the same string having different lower/uppercase dropped the case changes.
Fix: Fixed to keep the upper/lowercase info in the DN.
Result: Replacing only the cases in DN is now available.

Comment 8 errata-xmlrpc 2012-06-20 07:15:41 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-0813.html


Note You need to log in before you can comment on or make changes to this bug.