On Apr 8, 2011, at 8:03 AM, Rob Crittenden wrote:

>> On Apr 8, 2011, at 7:24 AM, "Rob Crittenden"<rcrit...@redhat.com>  wrote:
>> 
>>> ipa-nis-manage was failing because root has very limited capabilities when 
>>> binding over ldapi because of autobind. So don't use ldapi.
>>> 
>>> Also force this to be run as root since we start/stop and 
>>> configure/unconfigure services.
>>> 
>>> ticket 1157
>>> 
>>> rob
>>> <freeipa-rcrit-767-nis.patch>

> JR Aquino wrote:
>> Does this imply the use of ldap with tls now or just standard ldap?
>> 
>> There was a previous ticket that changed this and many other tools such that 
>> they used ldapi to accommodate FreeIPA with a minssf set.
> 
> It uses 389, no TLS.
> 
> rob

Is there a way to solve both problems?

#1 Autobind limits root -> ldapi
#2 IPA Tools should not fail when 389ds:dse.ldif has minssf set?

-Fixed the top posting. sorry about that.-

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to