From 96003cb12216a7062774ef5e1db41ce5b5ebbc44 Mon Sep 17 00:00:00 2001
From: Martin Basti <mbasti@redhat.com>
Date: Sep 21 2015 10:04:12 +0000
Subject: Server Upgrade: addifnew should not create entry


addifnew should add value only if entry exists, instead of creating
entry.

Reviewed-By: David Kupka <dkupka@redhat.com>

---

diff --git a/ipaserver/install/ldapupdate.py b/ipaserver/install/ldapupdate.py
index 6f796df..eaef77b 100644
--- a/ipaserver/install/ldapupdate.py
+++ b/ipaserver/install/ldapupdate.py
@@ -669,8 +669,8 @@ class LDAPUpdate:
             elif action == 'addifnew':
                 self.debug("addifnew: '%s' to %s, current value %s", safe_output(attr, update_value), attr, safe_output(attr, entry_values))
                 # Only add the attribute if it doesn't exist. Only works
-                # with single-value attributes.
-                if len(entry_values) == 0:
+                # with single-value attributes. Entry must exist.
+                if entry.get('objectclass') and len(entry_values) == 0:
                     entry_values.append(update_value)
                     self.debug('addifnew: set %s to %s', attr, safe_output(attr, entry_values))
                     entry[attr] = entry_values