2 files changed, 11 insertions, 2 deletions

diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 5bbee3568..db6748cff 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -562,6 +562,10 @@ int sysdb_get_netgroup_attr(TALLOC_CTX *mem_ctx,
  * they have to be called within a transaction
  * See sysdb_transaction_send()/_recv() */
 
+/* Permissive modify */
+int sss_ldb_modify_permissive(struct ldb_context *ldb,
+                              struct ldb_message *msg);
+
 /* Delete Entry */
 int sysdb_delete_entry(struct sysdb_ctx *sysdb,
                        struct ldb_dn *dn,
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 5bc826a7d..5d0748740 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -74,8 +74,13 @@ static uint32_t get_attr_as_uint32(struct ldb_message *msg, const char *attr)
     return l;
 }
 
-static int sss_ldb_modify_permissive(struct ldb_context *ldb,
-                                     struct ldb_message *msg)
+/*
+ * The wrapper around ldb_modify that uses LDB_CONTROL_PERMISSIVE_MODIFY_OID
+ * so that on adds entries that already exist are skipped and similarly
+ * entries that are missing are ignored on deletes
+ */
+int sss_ldb_modify_permissive(struct ldb_context *ldb,
+                              struct ldb_message *msg)
 {
     struct ldb_request *req;
     int ret = EOK;