freeipa

Clone
Source Code
GIT

#7074 IPA shouldn't allow objectclass if not all in lower case
Closed: fixed 6 years ago Opened 6 years ago by pvoborni.

Closed: fixed
Reopen Issue

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1463186

Description of problem:
Customer said that they migrated users from the older version of IPA that had
"objectclass=posixAccount" rather than "objectclass=posixaccount, which is
problematic when comes to using "ipa idoverrideuser-add"

Version-Release number of selected component (if applicable):
ipa-server-4.4.0-14.el7_3.7.x86_64
389-ds-base-1.3.5.10-20.el7_3.x86_64


How reproducible:


Steps to Reproduce:
1. Create two users in IPA using a ldif file, one with
""objectclass=posixAccount" and the other with "objectclass=posixAccount"
2. Load the users to the IPA
3. Then run:
ipa idview-add testview
ipa idoverrideuser-add testview <username> --homeDirectory=/var/tmp

Actual results:

user with "objectClass: posixAccount"
# ipa idoverrideuser-add testview cgoodwin --homedir=/home/cgoodwin
ipa: ERROR: invalid 'IPA object': system IPA objects (e.g system groups, user
private groups) cannot be overridden


user with "objectClass: posixaccount
# ipa idoverrideuser-add testview bgoodwin --homedir=/home/mygoodwin
---------------------------------
Added User ID override "bgoodwin"
---------------------------------
  Anchor to override: bgoodwin
  Home directory: /home/mygoodwin


Expected results:


Additional info:
The workaround is to replace "objectclass=posixAccount" with
"objectclass=posixaccount

Metadata Update from @pvoborni:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1463186
6 years ago

Metadata Update from @pvoborni:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1463186
6 years ago

Metadata Update from @fbarreto:
- Issue assigned to fbarreto
6 years ago

Metadata Update from @fbarreto:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/950
6 years ago

master:

  • 286bbb2 Changing idoverrideuser-* to treat objectClass case insensitively

ipa-4-6:

  • a5e8f52 Changing idoverrideuser-* to treat objectClass case insensitively

Still needs manual backport for ipa-4-5

ipa-4-5:

  • 61e8b49 Changing idoverrideuser-* to treat objectClass case insensitively

Metadata Update from @stlaz:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
6 years ago

Login to comment on this ticket.

Metadata
None
None
None
None
None
None
None
None
None
None
None
None
None
https://github.com/freeipa/freeipa/pull/950
None
None
None
None
https://bugzilla.redhat.com/show_bug.cgi?id=1463186
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.