Hi, the attached patch fixes <https://fedorahosted.org/freeipa/ticket/4192>.
Honza -- Jan Cholasta
>From 8fda212b0a14bab2caf3d30faaa63c83b7aa23c5 Mon Sep 17 00:00:00 2001 From: Jan Cholasta <[email protected]> Date: Mon, 24 Feb 2014 10:10:27 +0100 Subject: [PATCH] Always use real entry DNs for memberOf in ldap2. https://fedorahosted.org/freeipa/ticket/4192 --- ipaserver/plugins/ldap2.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index f6284dc..17bd841 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -258,8 +258,8 @@ class ldap2(LDAPClient, CrudBackend): indirect.remove(dn) direct.add(dn) + entry['memberof'] = list(direct) if indirect: - entry['memberof'] = list(direct) entry['memberofindirect'] = list(indirect) config_defaults = {'ipasearchtimelimit': [2], 'ipasearchrecordslimit': [0]} -- 1.8.5.3
_______________________________________________ Freeipa-devel mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-devel
