In RHDS modrdn operations fail due to insufficient access rights if there is a deny aci for any attribute in place

Solution Verified - Updated -

Issue

  • If you create a deny ACI for some or more attributes, there is incorrect behaviour as you cannot rename the entry any more. This is unexpected behaviour. It doesn't matter if you use some other attribute in the deny-aci (like memberOf which isn't even part of the inetOrgperson class) or use a groupdn. It always fails.

Environment

  • Red Hat Enterprise Linux (RHEL) 6
  • Red Hat Directory Server (RHDS) 9

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.