#47825 Broken dereference control with the FreeIPA 4.0 ACIs
Closed: Duplicate None Opened 5 years ago by nhosoi.

This bug is created as a clone of upstream ticket:

I've been triaging a login error issue mkosek had today and I believe the
problem is actually on the server side. I'm not sure if it's in IPA (due to the
new ACIs maybe) or 389DS.

With the latest F20 IPA + 389DS combination I've been unable to use the
OpenLDAP dereference control:

ldapsearch -Y GSSAPI -h <host> -b fqdn=<fqdn> -E 'deref=managedBy:objectClass'

Normally, what the result should be is a tuple of dereferenced DN and the
requested attribute (objectClass in this case). I'm only seeing the DN, though.

Duplicate of DS 47821.

Metadata Update from @nhosoi:
- Issue set to the milestone: N/A

3 years ago

Login to comment on this ticket.