[Date Prev][Date Next] [Chronological] [Thread] [Top]

Subtree renames and memberOf handling



I perhaps should have flagged this earlier, but I wanted to actually
have the test to prove it.

It appears that subtree renames and the memberOf plugin are not handled
correctly.  That is:

I create
cn=ldaptestuser4,cn=ldaptestcontainer,DC=samba,DC=example,DC=com

I add it to a group:

dn: cn=ldaptestgroup2,cn=users,DC=samba,DC=example,DC=com 
changetype: modify
add: member
member:
cn=ldaptestuser4,cn=ldaptestcontainer,DC=samba,DC=example,DC=com 

Then I rename the container
CN=ldaptestcontainer,DC=samba,DC=example,DC=com into
CN=ldaptestcontainer2,DC=samba,DC=example,DC=com

However, when I search:

[abartlet@naomi source]$ bin/ldbsearch -H st/dc/private/sam.ldb
"cn=ldaptestgroup2"
# record 1
dn: CN=ldaptestgroup2,CN=Users,DC=samba,DC=example,DC=com
member: cn=ldaptestuser,cn=useRs,dc=samba,dc=example,dc=com
member: cn=ldaptestcomputer,cn=computers,dc=samba,dc=example,dc=com
member: cn=ldaptestuser2,cn=users,dc=samba,dc=example,dc=com
member: cn=ldaptestuser4,cn=ldaptestcontainer,dc=samba,dc=example,dc=com

[abartlet@naomi source]$ bin/ldbsearch -H st/dc/private/sam.ldb
"cn=ldaptestuser4"
# record 1
dn: CN=ldaptestuser4,CN=ldaptestcontainer2,DC=samba,DC=example,DC=com
cn: ldaptestuser4
memberOf: cn=ldaptestgroup2,cn=users,dc=samba,dc=example,dc=com


The 'member' attribute on the group is wrong, most likely because such a
subtree rename would never cause the memberOf module to fire and notice
that this needs updating.

Andrew Bartlett
-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

Attachment: signature.asc
Description: This is a digitally signed message part