[Freeipa-devel] [PATCH] Use escapes in DNs instead of quoting.
Rob Crittenden
rcritten at redhat.com
Fri Mar 26 15:56:21 UTC 2010
Pavel Zuna wrote:
> This patch effectively removes all LDAPv2 style quoted DNs and makes
> sure we don't use them anymore.
>
> KDC doesn't seem to have any problems with LDAPv3 style DNs, but I kept
> the option to disable DN normalization for now.
>
> I also had to add a new dollar variable for LDIF files: $ESCAPED_SUFFIX.
> We need it to create entries that contain the DN of another entry in
> their own, like the account activated/inactivated CoS entries.
>
> what I tested:
> - playing around with password policies and CoS entries using both
> pwpolicy and pwpolicy2
> - changing user passwords to see if the policies apply
> - re-installing IPA to see if the activated/inactived CoS entries where OK
> - user-lock/user-unlock
>
> The patch depends on the pwpolicy2 plugin. Well, it doesn't depend on
> it, but won't apply without. I didn't realize before committing and
> couldn't get it back by re-basing, so...
>
> Pavel
replication also uses v2-style escaping. This code looks ok for what it
touches but it isn't complete.
rob
More information about the Freeipa-devel
mailing list