On 15/07/15 15:34, Jan Cholasta wrote:
Dne 15.7.2015 v 15:21 David Kupka napsal(a):
https://fedorahosted.org/freeipa/ticket/4953

To test this patch:

1. Migrate users from LDAP or other FreeIPA server
(https://www.freeipa.org/page/Howto/Migration)

2. Disable anonymous bind to Directory Server
(https://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/disabling-anon-binds.html)



3. Go to FreeIPA migration page (ipa.example.com/ipa/migration/) and
enter name and password of one of the migrated users.

Without this patch you will get an error page.

NACK, you are calling do_bind with wrong arguments.

Updated patch attached.

--
David Kupka
From 43d8cc79283e9cbead102bd1415ad4107f65df11 Mon Sep 17 00:00:00 2001
From: David Kupka <dku...@redhat.com>
Date: Wed, 15 Jul 2015 14:55:28 +0200
Subject: [PATCH] Do not use anonymous bind in migration UI.

https://fedorahosted.org/freeipa/ticket/4953
---
 install/migration/migration.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/migration/migration.py b/install/migration/migration.py
index b629b1c9ff7bd58f1ea64e4c2b2433428a939f28..4e92794e3bb386bbd9dd80e7123bfb63f2fa8dc4 100644
--- a/install/migration/migration.py
+++ b/install/migration/migration.py
@@ -51,7 +51,7 @@ def get_base_dn(ldap_uri):
     """
     try:
         conn = IPAdmin(ldap_uri=ldap_uri)
-        conn.do_simple_bind(DN(), '')
+        conn.do_bind()
         base_dn = get_ipa_basedn(conn)
     except Exception, e:
         root_logger.error('migration context search failed: %s' % e)
-- 
2.4.3

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to