Bug #5128
closedaccess list does not show all dns in the LTER LDAP tree
0%
Description
When adding access rules for individuals, not all the people in the LTER tree are available. It appears that missing folks are the relatively recent additions, eg, since about 2008, but I cannot be sure of that.
this might be related to bug 3596.
Related issues
Updated by ben leinfelder over 13 years ago
see related bug for probable solution on the LTER ldap server:
http://bugzilla.ecoinformatics.org/show_bug.cgi?id=3360
Updated by Margaret O'Brien over 13 years ago
The LTER network has increased the number of entries its LDAP returns, per Ben's suggestion. However, they had an additional request, which might represent a better long-term solution:
From: http://rt.lternet.edu/Ticket/Display.html?id=13676
I want a IP# or space from which the knb
referrals will come as a temporary solution - and I want a metacat to
support authenticated queries from LDAP as the real solution. I don't
want to keep streaming our records out across the planet to spammers.
Updated by ben leinfelder over 11 years ago
Link the the ticket is dead.
We can't really provide a complete list of all the IP addresses that might follow the ldap referral to LTER. Sure, the KNB is one Metacat that utilizes this feature, but so is my laptop where I have a test instance of Metacat.
We are in the process of changing how we do user authentication (to use certificates and InCommon/CILogon) so I think of this as a low priority. Moreover, Morpho 2.0.0 pulls it's users from the CN account listing rather than from the MN so this will not be a Morpho issue for much longer. (We do, however, want Metacat to continue to retrieve the full list of usernames from the LTER referral as we support moth the Metacat and DataONE MN apis during this transition time.)
Updated by ben leinfelder over 11 years ago
This is a symptom of a server-side issue -- defer to that bug.