https://fedorahosted.org/freeipa/ticket/5298
Patch attached.
From 4e36c933932e36fd86a87ab51a2ffe61880cb25b Mon Sep 17 00:00:00 2001 From: Martin Basti <[email protected]> Date: Tue, 8 Mar 2016 19:12:00 +0100 Subject: [PATCH] Remove redundant parameters from CS.cfg in dogtaginstance Bind DN is not used for client certificate authentication so they can be safely removed. https://fedorahosted.org/freeipa/ticket/5298 --- ipaserver/install/dogtaginstance.py | 8 -------- 1 file changed, 8 deletions(-) diff --git a/ipaserver/install/dogtaginstance.py b/ipaserver/install/dogtaginstance.py index f5e5649f9a7b80ab25c9789b62ea7efcd5662bb6..b8ce19d724c68b999bd44160eeaf09124729e977 100644 --- a/ipaserver/install/dogtaginstance.py +++ b/ipaserver/install/dogtaginstance.py @@ -220,10 +220,6 @@ class DogtagInstance(service.Service): 'SslClientAuth', quotes=False, separator='=') installutils.set_directive( config, - 'authz.instance.DirAclAuthz.ldap.ldapauth.bindDN', - 'uid=pkidbuser,ou=people,o=ipaca', quotes=False, separator='=') - installutils.set_directive( - config, 'authz.instance.DirAclAuthz.ldap.ldapauth.clientCertNickname', 'subsystemCert cert-pki-ca', quotes=False, separator='=') installutils.set_directive( @@ -242,10 +238,6 @@ class DogtagInstance(service.Service): installutils.set_directive( config, - 'internaldb.ldapauth.bindDN', - 'uid=pkidbuser,ou=people,o=ipaca', quotes=False, separator='=') - installutils.set_directive( - config, 'internaldb.ldapauth.clientCertNickname', 'subsystemCert cert-pki-ca', quotes=False, separator='=') installutils.set_directive( -- 2.5.0
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
