mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
b47d6a3654
ipa user-find --whoami is used by ipa otptoken-add to populate ipaTokenOwner and managedBy attributes. These attributes, in turn are checked by the self-service ACI which allows to create OTP tokens assigned to the creator. With 389-ds-base 1.4.0.6-2.fc28 in Fedora 28 beta there is a bug in searches with scope 'one' that result in ipa user-find --whoami returning 0 results. Because ipa user-find --whoami does not work, non-admin user cannot create a token. This is a regression that can be fixed by using LDAP Whoami command. LDAP Whoami command returns a string 'dn: <DN of the bind>', so we have to strip first four characters to get actual DN. Fixes: https://pagure.io/freeipa/issue/7456 Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com> |
||
|---|---|---|
| .. | ||
| advise | ||
| dnssec | ||
| install | ||
| plugins | ||
| secrets | ||
| __init__.py | ||
| dcerpc_common.py | ||
| dcerpc.py | ||
| dns_data_management.py | ||
| Makefile.am | ||
| p11helper.py | ||
| rpcserver.py | ||
| servroles.py | ||
| setup.cfg | ||
| setup.py | ||
| topology.py | ||