[Freeipa-devel] [PATCH] 767 fix ipa-nis-manage
JR Aquino
JR.Aquino at citrix.com
Fri Apr 8 15:09:31 UTC 2011
On Apr 8, 2011, at 8:03 AM, Rob Crittenden wrote:
>> On Apr 8, 2011, at 7:24 AM, "Rob Crittenden"<rcritten at redhat.com> wrote:
>>
>>> ipa-nis-manage was failing because root has very limited capabilities when binding over ldapi because of autobind. So don't use ldapi.
>>>
>>> Also force this to be run as root since we start/stop and configure/unconfigure services.
>>>
>>> ticket 1157
>>>
>>> rob
>>> <freeipa-rcrit-767-nis.patch>
> JR Aquino wrote:
>> Does this imply the use of ldap with tls now or just standard ldap?
>>
>> There was a previous ticket that changed this and many other tools such that they used ldapi to accommodate FreeIPA with a minssf set.
>
> It uses 389, no TLS.
>
> rob
Is there a way to solve both problems?
#1 Autobind limits root -> ldapi
#2 IPA Tools should not fail when 389ds:dse.ldif has minssf set?
-Fixed the top posting. sorry about that.-
More information about the Freeipa-devel
mailing list