Claudio Bisegni wrote: > Hi all, > > i'm writing a middle tier that use a ldap pooled connection to 389 > directory server. > The connection are made using Application Server special user for bind > operation. When an user is authenticated, all the operation are made > using the special user polled connection that use the current logged > user as proxy user. The DN for the Application Server user have only > privilege to read and make proxy. > This is the scenario and with this i have two issue. > > 1) using the proxy user i can't write the userPassword Attribute but i > can do all operation on all other attribute(the user used for proxy > have all privilege on all the tree) the error i receive is: > 'Insufficient 'write' privilege to the 'userPassword' attribute of > entry > 'infnuuid=31e4ebe9-36c2-4244-b00c-18e6e87fe407,ou=people,dc=infn,dc=it' > If i get a connection making the bind with this user, all work. All > other operation except add or modify "userPassword" attribute work > well using the proxy user as aspected(so proxy is working) https://bugzilla.redhat.com/show_bug.cgi?id=520151 > > 2)for all other operation that work using the proxy user the problem > is that on 389 log is shown only the real and not the proxy one. Can > be 389 server configured to shown the real and proxy user, to log the > operation? It cannot currently be configured as such. Please file a bug/enhancement request at https://bugzilla.redhat.com/enter_bug.cgi?product=389 > > Thanks in advanced. > > Best Reguards > Claudio Bisegni > > ------------------------------------------------------------------------ > > -- > 389 users mailing list > 389-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3258 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20091019/a39f59aa/attachment.bin
