Skip Menu |

This queue is for tickets about the Net-LDAP-Class CPAN distribution.

Report information
The Basics
Id: 77162
Status: resolved
Priority: 0/
Queue: Net-LDAP-Class
People
Owner: karman [...] cpan.org
Requestors: csheets [...] nvidia.com
Cc:
AdminCc:
Bug Information
Severity: Important
Broken in: 0.26
Fixed in: (no value)

History Show all quoted text
  Sat May 12 07:19:40 2012 http://rcsheets.myopenid.com/ - Ticket created
Subject: non-unique attribute cn is included in AD_unique_attributes
Net::LDAP::Class::User::AD and Net::LDAP::Class::Group::AD include a list of unique attributes, and code which relies for its correct operation on the uniqueness of these attributes. The attributes listed as unique are qw( cn objectSID distinguishedName ), however the cn attribute is not a unique attribute in Active Directory. This can lead to serious bugs in the event where two Active Directory objects have the same cn value.
  Thu May 17 23:15:44 2012 karman [...] cpan.org - Taken
  Thu May 17 23:18:26 2012 karman [...] cpan.org - Correspondence added
Thanks for the bug report. Always glad to hear people are using the module. I looked over the code and it seems like 'cn' is defined as unique only for Net::LDAP::Class::Group::AD. It seems like 'cn' is only ever used when it is prepended to the base_dn() value, forming a distinguishedName which *is* unique. Do you have a specific use case where the code fails as is? A failing test would really help me pinpoint where the assumptions about unique-ness have done off the rails.
  Thu May 17 23:18:27 2012 The RT System itself - Status changed from 'new' to 'open'
  Thu May 17 23:29:12 2012 http://rcsheets.myopenid.com/ - Correspondence added
On Thu May 17 23:18:26 2012, KARMAN wrote: Show quoted text
> I looked over the code and it seems like 'cn' is defined as unique > only for Net::LDAP::Class::Group::AD.
Yes, that's right. My mistake. I'll post more details shortly.
  Wed Oct 24 23:00:35 2012 karman [...] cpan.org - Correspondence added
please re-open if you have specific changes to suggest. thanks.
  Wed Oct 24 23:00:37 2012 karman [...] cpan.org - Status changed from 'open' to 'rejected'
  Wed Oct 24 23:11:04 2012 csheets [...] nvidia.com - Correspondence added
Subject: RE: [rt.cpan.org #77162] non-unique attribute cn is included in AD_unique_attributes
Date: Wed, 24 Oct 2012 20:10:53 -0700
To: "bug-Net-LDAP-Class [...] rt.cpan.org" <bug-Net-LDAP-Class [...] rt.cpan.org>
From: Charley Sheets <csheets [...] nvidia.com>
Will do. Sorry it's taken so long to get back around to this. Show quoted text
-----Original Message----- From: Peter Karman via RT [mailto:bug-Net-LDAP-Class@rt.cpan.org] Sent: Wednesday, October 24, 2012 8:01 PM To: Charley Sheets Subject: [rt.cpan.org #77162] non-unique attribute cn is included in AD_unique_attributes <URL: https://rt.cpan.org/Ticket/Display.html?id=77162 > please re-open if you have specific changes to suggest. thanks. ----------------------------------------------------------------------------------- This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. -----------------------------------------------------------------------------------
  Wed Oct 24 23:11:05 2012 The RT System itself - Status changed from 'rejected' to 'open'
  Thu Oct 25 09:46:55 2012 karman [...] cpan.org - Status changed from 'open' to 'resolved'