Set the default attributes for RootDSE

With 389 DS 1.3.3 upwards we can leverage the nsslapd-return-default-opattr
attribute to enumerate the list of attributes that should be returned
even if not specified explicitly. Use the behaviour to get the same attributes
returned from searches on rootDSE as in 1.3.1.

https://fedorahosted.org/freeipa/ticket/4288

Reviewed-By: Martin Kosek <mkosek@redhat.com>

2 files changed, 10 insertions, 0 deletions

diff --git a/install/updates/10-rootdse.update b/install/updates/10-rootdse.update
new file mode 100644
index 000000000..f44992a5d
--- /dev/null
+++ b/install/updates/10-rootdse.update
@@ -0,0 +1,9 @@
+# Set the default attributes to be returned by RootDSE
+dn:
+add:nsslapd-return-default-opattr:namingContexts
+add:nsslapd-return-default-opattr:supportedControl
+add:nsslapd-return-default-opattr:supportedExtension
+add:nsslapd-return-default-opattr:supportedLDAPVersion
+add:nsslapd-return-default-opattr:supportedSASLMechanisms
+add:nsslapd-return-default-opattr:vendorName
+add:nsslapd-return-default-opattr:vendorVersion
diff --git a/install/updates/Makefile.am b/install/updates/Makefile.am
index b137ffedc..2aafdd85c 100644
--- a/install/updates/Makefile.am
+++ b/install/updates/Makefile.am
@@ -5,6 +5,7 @@ app_DATA =				\
 	10-config.update		\
 	10-enable-betxn.update		\
 	10-selinuxusermap.update	\
+	10-rootdse.update		\
 	10-uniqueness.update		\
 	10-schema_compat.update		\
 	19-managed-entries.update	\