Jakub Hrozek wrote:
Hash: SHA1

On 11/22/2010 04:21 PM, Jakub Hrozek wrote:
On 11/22/2010 04:16 PM, Jakub Hrozek wrote:
The code handles it (I just ran a quick test with --schema=RFC2307bis).

It just iterates through all members of a group -- be it user member of
group member, it's just a DN for the plugin.


Sorry, I found another bug in the plugin. I'll send a new patch shortly,
so please don't waste time reviewing this one.

New patch is attached. It fixes two more bugs of the original plugin -
determines whether a group member is a user or a nested group by
checking the DN, not just the RDN attribute name and does not hardcode
primary keys.

Will this blow up in convert_members_rfc2307bis() if a member isn't contained in the users and groups containers? Should there be a failsafe to skip over things that don't match (along with appropriate reporting)? Or if one of users or groups search bases isn't provided?

It definitely doesn't like this:
# ipa migrate-ds --user-container='' --group-container='cn=groups,cn=accounts' ldap://ds.example.com:389

When passed the right set of options it does seem to do the right thing.


Freeipa-devel mailing list

Reply via email to