Jakub Hrozek wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 11/22/2010 04:21 PM, Jakub Hrozek wrote:
On 11/22/2010 04:16 PM, Jakub Hrozek wrote:
The code handles it (I just ran a quick test with --schema=RFC2307bis).
It just iterates through all members of a group -- be it user member of
group member, it's just a DN for the plugin.
Jakub
Sorry, I found another bug in the plugin. I'll send a new patch shortly,
so please don't waste time reviewing this one.
New patch is attached. It fixes two more bugs of the original plugin -
determines whether a group member is a user or a nested group by
checking the DN, not just the RDN attribute name and does not hardcode
primary keys.
Will this blow up in convert_members_rfc2307bis() if a member isn't
contained in the users and groups containers? Should there be a failsafe
to skip over things that don't match (along with appropriate reporting)?
Or if one of users or groups search bases isn't provided?
It definitely doesn't like this:
# ipa migrate-ds --user-container=''
--group-container='cn=groups,cn=accounts' ldap://ds.example.com:389
When passed the right set of options it does seem to do the right thing.
rob
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
