author | Rob Crittenden <rcritten@redhat.com> | 2011-04-05 16:28:59 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2011-04-05 21:46:32 -0400 |
commit | b9a2c11d6f6be6e7e599a48c70e798b720222b35 (patch) | |
tree | 3f49173bcc53d76bdedd545b0ecd6ba2539f5cf5 /ipaserver | |
parent | 86995509a1d29497fb1c95f810337a567e1d5634 (diff) | |
Fix ORDERING in some attributetypes and remove other unnecessary elements.
Looking at the schema in 60basev2.ldif there were many attributes that did
not have an ORDERING matching rule specified correctly. There were also a
number of attributeTypes that should have been just SUP
distinguishedName that had a combination of SUP, SYNTAX, ORDERING, etc.
This requires 389-ds-base-1.2.8.0-1+
ticket 1153
Diffstat (limited to 'ipaserver')
-rw-r--r-- | ipaserver/install/ldapupdate.py | 2 | ||||
-rw-r--r-- | ipaserver/ipaldap.py | 14 |
2 files changed, 11 insertions, 5 deletions
diff --git a/ipaserver/install/ldapupdate.py b/ipaserver/install/ldapupdate.py
index 44a95465..4feb0cf4 100644
--- a/ipaserver/install/ldapupdate.py
+++ b/ipaserver/install/ldapupdate.py
@@ -414,7 +414,7 @@ class LDAPUpdate:
 The return type is ipaldap.Entry
 """
 searchfilter="objectclass=*"
- sattrs = ["*"]
+ sattrs = ["*", "aci", "attributeTypes", "objectClasses"]
 scope = ldap.SCOPE_BASE
 return self.conn.getList(dn, scope, searchfilter, sattrs)
diff --git a/ipaserver/ipaldap.py b/ipaserver/ipaldap.py
index b72a43ee..b933839a 100644
--- a/ipaserver/ipaldap.py
+++ b/ipaserver/ipaldap.py
@@ -523,10 +523,16 @@ class IPAdmin(SimpleLDAPObject):
 adds = list(new_values.difference(old_values))
 removes = list(old_values.difference(new_values))
- if len(removes) > 0:
- modlist.append((ldap.MOD_DELETE, key, removes))
- if len(adds) > 0:
- modlist.append((ldap.MOD_ADD, key, adds))
+ # You can't remove schema online. An add will automatically
+ # replace any existing schema.
+ if old_entry.get('dn') == 'cn=schema':
+ if len(adds) > 0:
+ modlist.append((ldap.MOD_ADD, key, adds))
+ else:
+ if len(removes) > 0:
+ modlist.append((ldap.MOD_DELETE, key, removes))
+ if len(adds) > 0:
+ modlist.append((ldap.MOD_ADD, key, adds))
 return modlist |
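Review bot: The widened `sattrs` list in ldapupdate.py has no comment saying why three attributes are named next to `"*"`, so a later cleanup could drop them as redundant. I would add `# "*" returns only user attributes; aci and the schema attributes are operational and must be requested by name` above the assignment. Because the fetched entry presumably becomes the "old" side of the modlist comparison, it is also worth noting that a bind identity without read access to `aci` would get an entry that looks as if it had none. The method's signature and the start of its docstring lie outside the hunk.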
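Review bot: The schema guard `old_entry.get('dn') == 'cn=schema'` in ipaldap.py is an exact, case-sensitive string match. A DN that arrives as `CN=schema` or `cn=Schema` would take the `else` branch and emit the `MOD_DELETE` that the new comment says cannot work online. Comparing a normalized value would close that gap, for example `if (old_entry.get('dn') or '').strip().lower() == 'cn=schema':`. On the schema path `removes` is now dropped silently, so a definition deleted from an update file stays on the server; a log line there would make that visible. The comment could also say that replace-on-add depends on the 389-ds-base version named in the commit message. The enclosing method and its loop start outside the hunk.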