https://fedorahosted.org/freeipa/ticket/4953

To test this patch:

1. Migrate users from LDAP or other FreeIPA server (https://www.freeipa.org/page/Howto/Migration)

2. Disable anonymous bind to Directory Server (https://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/disabling-anon-binds.html)

3. Go to FreeIPA migration page (ipa.example.com/ipa/migration/) and enter name and password of one of the migrated users.

Without this patch you will get an error page.

--
David Kupka
From a9c50987842a08eb6928bd662a1db57b85d4b3cd Mon Sep 17 00:00:00 2001
From: David Kupka <dku...@redhat.com>
Date: Wed, 15 Jul 2015 14:55:28 +0200
Subject: [PATCH] Do not use anonymous bind in migration UI.

https://fedorahosted.org/freeipa/ticket/4953
---
 install/migration/migration.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/migration/migration.py b/install/migration/migration.py
index b629b1c9ff7bd58f1ea64e4c2b2433428a939f28..ec660ba5329193675826cd8ce292034fd33744b5 100644
--- a/install/migration/migration.py
+++ b/install/migration/migration.py
@@ -51,7 +51,7 @@ def get_base_dn(ldap_uri):
     """
     try:
         conn = IPAdmin(ldap_uri=ldap_uri)
-        conn.do_simple_bind(DN(), '')
+        conn.do_bind(DN(), '')
         base_dn = get_ipa_basedn(conn)
     except Exception, e:
         root_logger.error('migration context search failed: %s' % e)
-- 
2.4.3

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to