From a789d70f395f4c5cb8bd26c7bde8e39f325fe3e0 Mon Sep 17 00:00:00 2001
From: Martin Kosek <mkosek@redhat.com>
Date: Fri, 26 Jul 2013 13:39:42 +0200
Subject: Use valid LDAP search base in migration plugin

One find_entry_by_attr call did not set a search base leading to
LDAP search call with zero search base. This leads to false negative
results from LDAP.
---
 ipalib/plugins/migration.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'ipalib')

diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py
index f57f0957..83bf40db 100644
--- a/ipalib/plugins/migration.py
+++ b/ipalib/plugins/migration.py
@@ -207,7 +207,8 @@ def _pre_migrate_user(ldap, pkey, dn, entry_attrs, failed, config, ctx, **kwargs
     principal = u'%s@%s' % (pkey, api.env.realm)
     try:
         ldap.find_entry_by_attr(
-            'krbprincipalname', principal, 'krbprincipalaux', ['']
+            'krbprincipalname', principal, 'krbprincipalaux', [''],
+            DN(api.env.container_user, api.env.basedn)
         )
     except errors.NotFound:
         entry_attrs['krbprincipalname'] = principal
-- 
cgit