Claudio Bisegni wrote:
Hi all,i'm writing a middle tier that use a ldap pooled connection to 389 directory server. The connection are made using Application Server special user for bind operation. When an user is authenticated, all the operation are made using the special user polled connection that use the current logged user as proxy user. The DN for the Application Server user have only privilege to read and make proxy.This is the scenario and with this i have two issue.1) using the proxy user i can't write the userPassword Attribute but i can do all operation on all other attribute(the user used for proxy have all privilege on all the tree) the error i receive is: 'Insufficient 'write' privilege to the 'userPassword' attribute of entry 'infnuuid=31e4ebe9-36c2-4244-b00c-18e6e87fe407,ou=people,dc=infn,dc=it' If i get a connection making the bind with this user, all work. All other operation except add or modify "userPassword" attribute work well using the proxy user as aspected(so proxy is working)
https://bugzilla.redhat.com/show_bug.cgi?id=520151
It cannot currently be configured as such. Please file a bug/enhancement request at https://bugzilla.redhat.com/enter_bug.cgi?product=3892)for all other operation that work using the proxy user the problem is that on 389 log is shown only the real and not the proxy one. Can be 389 server configured to shown the real and proxy user, to log the operation?
Thanks in advanced. Best Reguards Claudio Bisegni ------------------------------------------------------------------------ -- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
<<attachment: smime.p7s>>
-- 389 users mailing list 389-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
