From 5e8e1e8aaab403ea565da6e82222de36060f286f Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Tue, 19 Sep 2006 20:54:30 +0000
Subject: [PATCH] Update the password modify extended operation to ensure that if an authorization ID is provided using the "dn:" form and an alternate root bind DN (e.g., "cn=Directory Manager" instead of  "cn=Directory Manager,cn=Root DNs,cn=config") the server will properly map it to the actual DN for the user.

---
 opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java |    8 ++++++++
 1 files changed, 8 insertions(+), 0 deletions(-)

diff --git a/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java b/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
index b053314..755b2d7 100644
--- a/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
+++ b/opends/src/server/org/opends/server/extensions/PasswordModifyExtendedOperation.java
@@ -357,6 +357,14 @@
             return;
           }
 
+          // If the provided DN is an alternate DN for a root user, then replace
+          // it with the actual root DN.
+          DN actualRootDN = DirectoryServer.getActualRootBindDN(userDN);
+          if (actualRootDN != null)
+          {
+            userDN = actualRootDN;
+          }
+
           userEntry = getEntryByDN(operation, userDN);
           if (userEntry == null)
           {

--
Gitblit v1.10.0