#4850 DUA profile not available anonymously
Closed: Fixed None Opened 9 years ago by rcritten.

The DUA project used to configure Solaris and HP/ux clients is not available anonymously. This is a regression from 3.x.

The URI is cn=default,ou=profile,$SUFFIX.

Tested using freeipa-server-4.1.2-1 on F-21

$  ldapsearch -LLL -x -b cn=default,ou=profile,dc=example,dc=com

In 3.x:

$ ldapsearch -LLL -x -b cn=default,ou=profile,dc=example,dc=com
dn: cn=default,ou=profile,dc=example,dc=com
defaultServerList: grindle.example.com
defaultSearchBase: dc=example,dc=com
objectClass: top
objectClass: DUAConfigProfile
serviceSearchDescriptor: passwd:cn=users,cn=accounts,dc=example,dc=com
serviceSearchDescriptor: group:cn=groups,cn=compat,dc=example,dc=com
searchTimeLimit: 15
followReferrals: TRUE
objectclassMap: shadow:shadowAccount=posixAccount
bindTimeLimit: 5
authenticationMethod: none
cn: default

Patch freeipa-mkosek-492-add-anonymous-read-aci-for-dua-profile.patch sent for review

master:

  • 0a7a8d6 Add anonymous read ACI for DUA profile

ipa-4-1:

  • b54b740 Add anonymous read ACI for DUA profile

Metadata Update from @rcritten:
- Issue assigned to mkosek
- Issue set to the milestone: FreeIPA 4.1.3

7 years ago

Login to comment on this ticket.

Metadata