This bug is created as a clone of upstream ticket:
I've been triaging a login error issue mkosek had today and I believe the
problem is actually on the server side. I'm not sure if it's in IPA (due to the
new ACIs maybe) or 389DS.
With the latest F20 IPA + 389DS combination I've been unable to use the
OpenLDAP dereference control:
ldapsearch -Y GSSAPI -h <host> -b fqdn=<fqdn> -E 'deref=managedBy:objectClass'
Normally, what the result should be is a tuple of dereferenced DN and the
requested attribute (objectClass in this case). I'm only seeing the DN, though.
Duplicate of DS 47821.
Metadata Update from @nhosoi:
- Issue set to the milestone: N/A
to comment on this ticket.