Bug #5128


access list does not show all dns in the LTER LDAP tree

Added by Margaret O'Brien almost 14 years ago. Updated over 11 years ago.

morpho - general
Target version:
Start date:
Due date:
% Done:


Estimated time:


When adding access rules for individuals, not all the people in the LTER tree are available. It appears that missing folks are the relatively recent additions, eg, since about 2008, but I cannot be sure of that.
this might be related to bug 3596.

Related issues

Has duplicate Metacat - Bug #3360: Many LDAP users not showing up in 'getprincipals' searchIn ProgressJing Tao06/03/2008

Actions #1

Updated by ben leinfelder almost 14 years ago

see related bug for probable solution on the LTER ldap server:

Actions #2

Updated by Margaret O'Brien almost 14 years ago

The LTER network has increased the number of entries its LDAP returns, per Ben's suggestion. However, they had an additional request, which might represent a better long-term solution:

I want a IP# or space from which the knb
referrals will come as a temporary solution - and I want a metacat to
support authenticated queries from LDAP as the real solution. I don't
want to keep streaming our records out across the planet to spammers.

Actions #3

Updated by ben leinfelder over 11 years ago

Link the the ticket is dead.
We can't really provide a complete list of all the IP addresses that might follow the ldap referral to LTER. Sure, the KNB is one Metacat that utilizes this feature, but so is my laptop where I have a test instance of Metacat.

We are in the process of changing how we do user authentication (to use certificates and InCommon/CILogon) so I think of this as a low priority. Moreover, Morpho 2.0.0 pulls it's users from the CN account listing rather than from the MN so this will not be a Morpho issue for much longer. (We do, however, want Metacat to continue to retrieve the full list of usernames from the LTER referral as we support moth the Metacat and DataONE MN apis during this transition time.)

Actions #4

Updated by ben leinfelder over 11 years ago

This is a symptom of a server-side issue -- defer to that bug.

Actions #5

Updated by Redmine Admin over 11 years ago

Original Bugzilla ID was 5128


Also available in: Atom PDF