#4984 ipa-ldap-updater does not support base64-encoded attribute values
Closed: Fixed None Opened 6 years ago by abbra.

ipa-ldap-updater does not support binary attribute values.

In ldif format, a base64-encoded attribute value is described with :: after attribute name. Following .update file does not work properly because ldap updater does not understand the syntax. In fact, it converts base64 value into something different and then it is loaded into LDAP server with completely wrong binary value.

dn: uid=user,cn=users,cn=accounts,$SUFFIX
default: uid: user
default: krbPrincipalKey:: MIIBnKADAgEBoQMCAQGiAwIBAaMDAgEBpIIBhDCCAYAwaKAbMBmgAwIBBKES
 BBBdWHhFSDFWZWw5O2EoLGJEoUkwR6ADAgESoUAEPiAAbaXgHGsLZp+b5iuNzokmeYxcW+kJcSmDS
 8oR4MdcaKXz8wdlFRX/SSj+rrZk2Nl2MnEIc3PZUdydpRteMFigGzAZoAMCAQShEgQQcTN7LUp5Yl
 VdQWdSKjc1WqE5MDegAwIBEaEwBC4QAKe1hzMN6dAAT38JDvKgq2u6PVVcCt9IrH1sIXRb9pf8Ub+
 eg+FfQ1iDAnm5MGCgGzAZoAMCAQShEgQQZzMmPHxtXE1Ge3B0bzUrQaFBMD+gAwIBEKE4BDYYAAU+
 8Ut8hSsSL0AjpcTqI9e7ML9c0aoW7xC0sLpl93nEhA8CSeiBfLO+aDhCFGIPaZZnE5MwWKAbMBmgA
 wIBBKESBBA7RSd1MDpBKS1jLWpCKnRHoTkwN6ADAgEXoTAELhAAtIO6qvvAat/lOzlkD2YXCejmW6
 GVQ6RFIVZQmL7FHfdJN7hz9BRH5i/UkeM=

master:

  • 5783d0c Server Upgrade: remove CSV from upgrade files
  • 520bbd0 Server Upgrade: Allow base64 encoded values

Metadata Update from @abbra:
- Issue assigned to mbasti
- Issue set to the milestone: FreeIPA 4.2

4 years ago

Login to comment on this ticket.

Metadata