Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

SWIFT: Generate New Ti...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Normal
Fix Version/s: rhel-10.1
Affects Version/s: rhel-8.10
Component/s: 389-ds-base
Labels:
- rn-yml

Fixed in Build:
389-ds-base-3.1.3-2.el10
Regression:
No
Severity:
Moderate
Epic Link:
IDM-1961
Keywords:

ZStream

AssignedTeam:
rhel-idm-ds
Sub-System Group:

ssg_idm

Story Points:
0
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
Yes
Sprint:
None
Release Blocker:
Approved Blocker
Target Backport Versions:

rhel-8.8.0.z, rhel-8.10.z, rhel-9.2.0.z, rhel-9.4.z, rhel-9.6.z, rhel-10.0.z

Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/151590
Test Coverage:

Automated

Release Note Type:
Bug Fix
Release Note Text:

Hide
.Directory Server correctly displays membership in nested groups

Before this update, Directory Server displayed an incorrect value of the `memberOf` attribute in that entry under the following conditions:

* An entry was a member of groups that had multiple nested levels
* Groups were part of other different groups that had multiple paths in the membership relations.

With this update, the `memberOf` distinguished name (DN) value is added systematically, and the entry membership in groups is displayed correctly.

Show
.Directory Server correctly displays membership in nested groups Before this update, Directory Server displayed an incorrect value of the `memberOf` attribute in that entry under the following conditions: * An entry was a member of groups that had multiple nested levels * Groups were part of other different groups that had multiple paths in the membership relations. With this update, the `memberOf` distinguished name (DN) value is added systematically, and the entry membership in groups is displayed correctly.
Release Note Status:
Done
ProdDocsReview-CCS:
Unspecified
ProdDocsReview-Dev:
Unspecified
ProdDocsReview-QE:
Unspecified

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

This is a clone from upstream issue https://github.com/389ds/389-ds-base/issues/6571

Problem repeats constantly in the next case (group names are important):

There are three groups: group1, group2, group21. There is one user: user1.

group21 is a member of group2.
user1 is a member of group1 and group21.

When I add group2 into group1, group21 does not receive memberof group1.

The problem can be solved by commenting the next block of code: https://github.com/389ds/389-ds-base/blob/main/ldap/servers/plugins/memberof/memberof.c#L3401C1-L3414C6

Does this check is correct and necessary ?

links to

389ds/389-ds-base/issues/6571

RHBA-2025:151590 389-ds-base update

Assignee:: IdM DS Dev

Reporter:: Viktor Ashirov

Developer:: IdM DS Dev

QA Contact:: IdM DS QE

Doc Contact:: Evgenia Martyniuk

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2025/05/06 7:35 AM

Updated:: 2025/11/11 10:06 AM

Resolved:: 2025/11/11 10:06 AM

Next Planned Release Date:: 2025/11/11

Release Date:: 2025/11/11

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates