ldapcompare canoot be used on cn=config
cn=config
This feature is used by Ansible ldap_attr plugin
Tested with 1.3.4.9 (Ubuntu), 1.4.0.0 (Fedora). Confirmed by William Brown in mailing list.
root@ldap01:/home/ubuntu# ldapcompare -h localhost -D cn=root -wadmin cn=encryption,cn=config nsSSL2:off Compare Result: Server is unwilling to perform (53) Additional info: Operation on Directory Specific Entry not allowed
I confirmed on git master 1.4.x. I think the issue is:
The issue is the lack of SLAPI_OPERATION_COMPARE in fedse.c. We need to add a callback that handles this for &root and &config I think for this to work.
Metadata Update from @firstyear: - Custom field component adjusted to None - Custom field origin adjusted to None - Custom field reviewstatus adjusted to None - Custom field type adjusted to None - Custom field version adjusted to None
Metadata Update from @mreynolds: - Issue set to the milestone: 1.4 backlog
Metadata Update from @spichugi: - Issue assigned to spichugi
As a follow up, once this is implemented, it allows use of ldapcompare in DSLdapObjects which means we get schema awareness in lib389 (finally)
https://pagure.io/389-ds-base/pull-request/50301
https://pagure.io/389-ds-base/pull-request/50316
Metadata Update from @firstyear: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Login to comment on this ticket.