mandriva

Ticket #65 (new enhancement)

Opened 2 years ago

Last modified 2 years ago

enable dereference alias when searching

Reported by: Costin Gusa <costinel@gmail.com> Assigned to: cedric.delfosse@linbox.org
Priority: normal Milestone:
Component: python-mmc-base Version: 1.1.3
Severity: normal Keywords: dereference alias
Cc:

Description

due to migration reasons my ldap tree contains objects with cn as rdn instead of uid, as lmc expects. therefore, even if samba does not complain and works just fine, lmc cannot edit/view attributes of such objects, but only enumerate them. I have tried creating aliases (uid pointing to cn), but lmc seems to specify dereference aliases to "never"

another workaround i tried was to search the lmc code for the ldap search function and look for the dereference option, but it seems that this options is missing from python-ldap code (please correct me if i'm wrong).

although the logical solution would be finding a way to specify dereference alias option 'always' or 'find', if that will not be possible could someone come up with a solution for accepting also valid objects with cn as rdn?

Attachments

Change History

03/09/07 07:12:49 changed by Costin Gusa <costinel@gmail.com>

i have found how to enable dereference aliases, but after a little digging through /usr/share/python-support/python-lmc-base/lmc/plugins/base/init.py i have discovered that ldap modify requests go to the uid rdn, so enabling the "self.l.deref = ldap.DEREF_ALWAYS" property of the ldap object is not enough. maybe a continuation path would be to perform (with DEREF_ALWAYS) a ldap search against the uid rdn base and extract the dn attribute before calling each search or modify actions against the rdn something like "ldapsearch -a always -x -b uid=user1,ou=users,dc=domain,dc=tld dn|grep dn:|sed s/dn:\ //g", then use the resulting dn as a target for ldap rdn actions

03/12/07 11:48:32 changed by cedric.delfosse@linbox.org

Hello,

you're right, the LDAP modify requests always go to the uid rdn when editing users. I will open a ticket to fix this problem.

The short term solution could be to dump your directory in a file, change all users rdn is this file, then re-populate your directory using this file.

Regards,

03/12/07 12:37:57 changed by Costin Gusa <costinel@gmail.com>

I'm afraid I am unable to make the change because there is another legacy application in production that uses cn as rdn (maybe as time goes by that application will be replaced someday, but in the present it's a must).

thank you! ps. i believe the severity should be changed from major to enhancement, since as i was not thinking about lmc but at myself when considering the bug as "major" :)

03/12/07 14:04:17 changed by cedric.delfosse@linbox.org

  • priority changed from high to normal.
  • version changed from 1.1.2 to 1.1.3.
  • severity changed from major to enhancement.
  • milestone deleted.

Add/Change #65 (enable dereference alias when searching)




Change Properties
Action