On 05/28/2013 02:35 PM, Alexander Bokovoy wrote: > On Thu, 23 May 2013, Simo Sorce wrote: >>> > As you can see, incorrect parameters still return empty dn and netlogon >>> > attributes while Windows Server 2012 returns empty response: >>> > >>> > $ ldapsearch -LL -H cldap://altai.ad.lan -b "" -s base >>> '(&(NtVer=\00\00\00\55\00)(AAC=\00\00\00\00))' netlogon >>> > version: 1 >>> > >>> > Yet, since for trusts we care about explicit request with our domain name >>> _and_ the >>> > case when DnsDomain is not specified, everything continues to work. >>> > >>> > So ACK. >>> >>> I can easily avoid returning the empty netlogon field, which is what I >>> wanted to do. >>> I'll see if I can also avoid returning the DN. >>> >>> Let me try just one more revision. >> >> It was a simple fix, attached patches omit LDAP_RES_SERAHC_ENTRY >> completely as they were supposed to, and only return a >> LDAP_RES_SEARCH_RESULT record. > Thanks. > > Tested and it works fine. >
ACK. Pushed to master, ipa-3-1, ipa-3-0. I will release 3.1.5 soon to Fedora 18 to fix cooperation with realmd. Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel