s4:OpenLDAP-backend Use the new rdnval module in OpenLDAP

This is rather than rdn_name, which tries to do the job on the client
side.  We need to leave this module in the stack for Fedora DS (and of
course the LDB backend).

Andrew Bartlett

4 files changed, 15 insertions, 5 deletions

diff --git a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c
index 8f7e5407c79..bbdb768705e 100644
--- a/source4/dsdb/samdb/ldb_modules/samba_dsdb.c
+++ b/source4/dsdb/samdb/ldb_modules/samba_dsdb.c
@@ -185,11 +185,15 @@ static int samba_dsdb_init(struct ldb_module *module)
 					     "kludge_acl",
 					     "schema_load",
 					     "instancetype",
-					     "rdn_name",
 					     NULL };
 
 	const char **link_modules;
+	static const char *fedora_ds_modules[] = {
+		"rdn_name", NULL };
+	static const char *openldap_modules[] = {
+		NULL };
 	static const char *tdb_modules_list[] = {
+		"rdn_name",
 		"subtree_delete",
 		"repl_meta_data",
 		"subtree_rename",
@@ -252,11 +256,12 @@ static int samba_dsdb_init(struct ldb_module *module)
 		extended_dn_module = extended_dn_module_ldb;
 		link_modules = tdb_modules_list;
 	} else {
-		link_modules = NULL;
 		if (strcasecmp(backendType, "fedora-ds") == 0) {
+			link_modules = fedora_ds_modules;
 			backend_modules = fedora_ds_backend_modules;
 			extended_dn_module = extended_dn_module_fds;
 		} else if (strcasecmp(backendType, "openldap") == 0) {
+			link_modules = openldap_modules;
 			backend_modules = openldap_backend_modules;
 			extended_dn_module = extended_dn_module_openldap;
 		}
diff --git a/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c b/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c
index bf9cd4fdda4..592cd01b220 100644
--- a/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c
+++ b/source4/dsdb/samdb/ldb_modules/simple_ldap_map.c
@@ -287,7 +287,7 @@ static const struct ldb_map_attribute entryuuid_attributes[] =
 		.type = LDB_MAP_RENAME,
 		.u = {
 			.rename = {
-				 .remote_name = "samba4RDN"
+				 .remote_name = "rdnValue"
 			 }
 		}
 	},
diff --git a/source4/setup/schema-map-openldap-2.3 b/source4/setup/schema-map-openldap-2.3
index 0d38652dae6..09808b67422 100644
--- a/source4/setup/schema-map-openldap-2.3
+++ b/source4/setup/schema-map-openldap-2.3
@@ -15,6 +15,10 @@ uidNumber
 gidNumber
 #The memberOf plugin provides this attribute
 memberOf
+#'name' is the RDN in AD, but 'name' means something else in
+#OpenLDAP.  We use rdnValue for the mapping, but this is provided by
+#the rdnval overlay.
+name
 #These conflict with OpenLDAP builtins
 attributeTypes:samba4AttributeTypes
 2.5.21.5:1.3.6.1.4.1.7165.4.255.7
@@ -24,8 +28,6 @@ objectClasses:samba4ObjectClasses
 2.5.21.6:1.3.6.1.4.1.7165.4.255.5
 subSchema:samba4SubSchema
 2.5.20.1:1.3.6.1.4.1.7165.4.255.4
-#'name' is the RDN in AD, but something else in OpenLDAP
-name:samba4RDN
 #Remap these so that we don't put operational attributes in a schema MAY
 modifyTimeStamp:samba4ModifyTimestamp
 2.5.18.2:1.3.6.1.4.1.7165.4.255.3
diff --git a/source4/setup/slapd.conf b/source4/setup/slapd.conf
index 0077a224fb3..61b216b6d68 100644
--- a/source4/setup/slapd.conf
+++ b/source4/setup/slapd.conf
@@ -86,6 +86,7 @@ ${INDEX_CONFIG}
 overlay syncprov
 syncprov-sessionlog 100
 syncprov-checkpoint 100 10
+overlay rdnval
 
 
 ### Multimaster-Replication of cn=schema Subcontext ###
@@ -106,6 +107,7 @@ ${INDEX_CONFIG}
 overlay syncprov
 syncprov-sessionlog 100
 syncprov-checkpoint 100 10
+overlay rdnval
 
 ### Multimaster-Replication of cn=config Subcontext ###
 ${MMR_SYNCREPL_CONFIG_CONFIG}
@@ -125,6 +127,7 @@ ${INDEX_CONFIG}
 overlay syncprov
 syncprov-sessionlog 100
 syncprov-checkpoint 100 10
+overlay rdnval
 
 ### Multimaster-Replication of cn=user/base-dn context ###
 ${MMR_SYNCREPL_USER_CONFIG}