Emmanuel Lecharny (JIRA) 2006-04-24, 7:56 am
[ http://issues.apache.org/jira/brows...action_12375889 ]
Emmanuel Lecharny commented on DIRSERVER-606:
---------------------------------------------
I have a different behavior. I also have created the same entry (with LdapBrowser, and it's not easy, because if you don't create a file to store the password, then there is no way you can modify the entry after having added it).
Now, if I try to do:
ldapsearch -h localhost -p 10389 -D "cn=fiona apple,ou=users,ou=system" -w machine -s sub -b "ou=users,ou=system" "(objectClass=*)" dn
I got:
ldap_sasl_interactive_bind_s: Insufficient access (50)
additional info: failed on search operation
I changed the command to:
ldapsearch -x -h localhost -p 10389 -D "cn=fiona apple,ou=users,ou=system" -w machine -s sub -b "ou=users,ou=system" "(objectClass=*)" dn
(the -x is for Simple authentication)
Now, I get this error:
ldap_bind: Invalid credentials (49)
additional info: Bind failed
Of course, if I use the admin DN to authenticate, it works:
ldapsearch -x -h localhost -p 10389 -D "uid=admin,ou=system" -w secret -s sub -b "ou=users,ou=system" "(objectClass=*)" dn
gives the following result:
# extended LDIF
#
# LDAPv3
# base <ou=users,ou=system> with scope sub
# filter: (objectClass=*)
# requesting: dn
#
# users, system
dn: ou=users,ou=system
# Fiona Apple, users, system
dn: cn=Fiona Apple,ou=users,ou=system
# search result
search: 2
result: 0 Success
# numResponses: 3
# numEntries: 2
> ou=users, ou=system - user cannot see their own entry
> -----------------------------------------------------
>
> Key: DIRSERVER-606
> URL: http://issues.apache.org/jira/browse/DIRSERVER-606
> Project: Directory ApacheDS
> Type: Bug
> Versions: 1.0-RC1
> Environment: JDK 1.4.1
> Tried both JXplorer, and from ACEGI security
> Reporter: Marc Batchelor
> Assignee: Stefan Zoerner
> Priority: Critical
> Attachments: patch.txt
>
> User binds to ApacheDS as a user under ou=users, ou=system. The user cannot see their own entry to get their own attributes.
> Documentation states: Users cannot see other user entries under the 'ou=users,ou=system' entry.
> Agreed and understood. But, the user, after binding with the directory, cannot even find their own entry to get their own attributes.