On Fri, 24 Feb 2012, Yair Zaslavsky wrote:
One the issues I see here is the fact the the query is using samaccounttype and objectguid which might be relevant only for ActiveDirectory. Nathan, can you provide us the exact query? (you can place userprincipalname=XXXXX in order to prevent spamming, we'll understand what you mean). I just want to fully understand if you truely see both ipaUniqueID and objectguid
[24/Feb/2012:18:28:46 +0000] conn=144 op=3 SRCH base="dc=blinkmind,dc=net" scope=2 filter="(&(samaccounttype=805306368)(userprincipalname=nathan@BLINKMIND.NET))" attrs="nsUniqueId ipaUniqueID objectguid objectClass javaSerializedData javaClassName javaFactory javaCodebase javaReferenceAddress javaClassNames javaremotelocation" They both are there, but with FreeIPA there is no "userprincipalname"
<> Nathan Stratton CTO, BlinkMind, Inc. nathan at robotics.net nathan at blinkmind.com http://www.robotics.net http://www.blinkmind.com