[Freeipa-devel] [PATCH] 130 ipa-client assumes a single namingcontext

Stephen Gallagher sgallagh at redhat.com
Fri Sep 30 20:02:31 UTC 2011


On Thu, 2011-09-29 at 15:20 +0200, Martin Kosek wrote:
> How to test:
> 1) Add new naming context (suffix) to your LDAP database with installed
> IPA (see attached LDIF). The server should return the new suffix as the
> first one. You can change with its base DN if it does not.
> 2) Install IPA client against the server. ipa-client-install should the
> LDAP server as the IPA one only if the patch is applied on the client
> 
> ---
> 
> When LDAP server contains more that one suffixes, the ipa client
> installation does not detect it as IPA server and fails to install.
> Fix ipa server discovery so that it correctly searches all naming
> contexts for the IPA one.
> 
> https://fedorahosted.org/freeipa/ticket/1868


Tangentially related, it would be prudent for FreeIPA server
installations to set not only namingContexts but also the
defaultNamingContext. This way, clients autodetecting the ldap search
base from the RootDSE will have an unambiguous way to do so (in the
event that multiple namingContexts have been added)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20110930/bc3c2113/attachment.sig>


More information about the Freeipa-devel mailing list