Martin Kosek wrote:
On Tue, 2011-10-11 at 17:40 -0400, Rob Crittenden wrote:
Fix OTP client enrollment when anonymous searches are disabled in 389-ds.

This is fixed mostly by passing in the basedn to ipa-join so we don't
have to hunt for it. I did modify that routine so it will look through
all naming contexts to find the IPA one but this will fail if anonymous
searches are not allowed.

I fixed a couple of minor memory leaks too (valgrind still reports
several but they are out of our control).

This should be tested both with a OTP host and using an authorized user.

rob

Hmm, works fine. Good job there. I tested all four cases -
password/kerberos join on LDAP server with anonymous binds
allowed/disallowed. ipa-join was always successful.

ACK. Please, just fix one whitespace error before pushing:

$ git apply ~/freeipa-rcrit-890-client.patch
/home/mkosek/freeipa-rcrit-890-client.patch:87: trailing whitespace.

Martin


Fixed and pushed to master and ipa-2-1

rob

_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Reply via email to