diff options
Diffstat (limited to 'ipapython/ipaldap.py')
-rw-r--r-- | ipapython/ipaldap.py | 27 |
1 files changed, 8 insertions, 19 deletions
diff --git a/ipapython/ipaldap.py b/ipapython/ipaldap.py index 1d392497f..027bfa979 100644 --- a/ipapython/ipaldap.py +++ b/ipapython/ipaldap.py @@ -1963,25 +1963,14 @@ class IPAdmin(LDAPClient): if key in FORCE_REPLACE_ON_UPDATE_ATTRS or is_single_value: force_replace = True - # You can't remove schema online. An add will automatically - # replace any existing schema. - if old_entry.dn == DN(('cn', 'schema')): - if len(adds) > 0: - if key.lower() == 'attributetypes': - modlist.insert(0, (ldap.MOD_ADD, key, adds)) - else: - modlist.append((ldap.MOD_ADD, key, adds)) - else: - if adds: - if force_replace: - modlist.append((ldap.MOD_REPLACE, key, adds)) - else: - modlist.append((ldap.MOD_ADD, key, adds)) - if removes: - if not force_replace: - modlist.append((ldap.MOD_DELETE, key, removes)) - elif new_values == []: # delete an empty value - modlist.append((ldap.MOD_DELETE, key, removes)) + if adds: + if force_replace: + modlist.append((ldap.MOD_REPLACE, key, adds)) + else: + modlist.append((ldap.MOD_ADD, key, adds)) + if removes: + if not force_replace or not new_values: + modlist.append((ldap.MOD_DELETE, key, removes)) return modlist |