Mailinglist Archive: opensuse-bugs (9648 mails)
| < Previous | Next > |
[Bug 339326] nss_ldap group lookups fail with eDirectory server (cause: group-utf8.dif)
- From: bugzilla_noreply@xxxxxxxxxx
- Date: Wed, 7 Nov 2007 06:03:40 -0700 (MST)
- Message-id: <20071107130340.240F4CC7AC@xxxxxxxxxxxxxxxxxxxxxx>
https://bugzilla.novell.com/show_bug.cgi?id=339326#c4
Ralf Haferkamp <rhafer@xxxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
Info Provider|
|adaugherity@xxxxxxxx
--- Comment #4 from Ralf Haferkamp <rhafer@xxxxxxxxxx> 2007-11-07 06:03:39 MST
---
Thanks. The output of ldapsearch indicates that your eDirectory Server doesn't
return the "cn" attribute of the entry. Reasons for that could be:
1. Access Control Lists currently in place don't give read access to "cn" for
anonymous users.
2. The entry doesn't have that attribute. Which normally shouldn't happen,
because the entry uses "cn" as the naming attribute in the RDN. Because of that
the attribute must also be present in the Entry. Not sure if eDirectory does
enforce the Rule, though (OpenLDAP would).
Please check your server for the above problems. And report back what is was.
I'll take a closer look into the group-utf8.patch, but I don't think that that
patch can go away currently. In fact I indent to submit it upstream.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
Ralf Haferkamp <rhafer@xxxxxxxxxx> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
Info Provider|
|adaugherity@xxxxxxxx
--- Comment #4 from Ralf Haferkamp <rhafer@xxxxxxxxxx> 2007-11-07 06:03:39 MST
---
Thanks. The output of ldapsearch indicates that your eDirectory Server doesn't
return the "cn" attribute of the entry. Reasons for that could be:
1. Access Control Lists currently in place don't give read access to "cn" for
anonymous users.
2. The entry doesn't have that attribute. Which normally shouldn't happen,
because the entry uses "cn" as the naming attribute in the RDN. Because of that
the attribute must also be present in the Entry. Not sure if eDirectory does
enforce the Rule, though (OpenLDAP would).
Please check your server for the above problems. And report back what is was.
I'll take a closer look into the group-utf8.patch, but I don't think that that
patch can go away currently. In fact I indent to submit it upstream.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
| < Previous | Next > |