From 36d95472d983ff342a43a5df36d932b9de8c32ac Mon Sep 17 00:00:00 2001
From: Tomas Krizek <tkrizek@redhat.com>
Date: Nov 07 2016 10:34:03 +0000
Subject: ldap2: change default bind_dn


Set default bind_dn to cn=directory manager.

https://fedorahosted.org/freeipa/ticket/6461

Reviewed-By: Martin Basti <mbasti@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>

---

diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py
index 8cbac28..2d08f1c 100644
--- a/ipaserver/plugins/ldap2.py
+++ b/ipaserver/plugins/ldap2.py
@@ -153,7 +153,7 @@ class ldap2(CrudBackend, LDAPClient):
         Extends backend.Connectible.create_connection.
         """
         if bind_dn is None:
-            bind_dn = DN()
+            bind_dn = DN(('cn', 'directory manager'))
         assert isinstance(bind_dn, DN)
         if tls_cacertfile is not None:
             _ldap.set_option(_ldap.OPT_X_TLS_CACERTFILE, tls_cacertfile)