Add support for FreeIPA ID views
    
    FreeIPA ID views allow to override POSIX attributes for certain
    users and groups.
    
    A support is added to allow using specific ID view when serving
    compatibility tree. Each user or group entry which has an override
    in the view is amended with the overridden values from the view
    before served out to the LDAP client.
    
    A view to use is specified as a part of base DN:
    
    	cn=<view>,cn=views,cn=compat,$SUFFIX
    
    where cn=compat,$SUFFIX is the original compatibility tree base DN.
    
    Each entry, when served through the view, gets new DN rewritten to
    specify the view. Additionally, if override in the view changes
    uid (for users) or cn (for groups) attribute, the entry's RDN is changed
    accordingly.
    
    For groups memberUid attribute is modified as well in case there is an override
    in the view that changes uid value of that member.
    
    FreeIPA ID views support overrides for users of trusted Active Directory domains.
    In case of a trusted AD domain's user or group is returned via compatibility tree,
    view overrides are applied in two stages:
      1. SSSD applies default view for AD users
      2. slapi-nis applies explicitly specified (host-specific) view
         on top of the entry returned by SSSD
    
    Thus, slapi-nis does not need to apply default view for AD users and if there are
    no host-specific views in use, there is no need to specify a view in the base DN,
    making overhead of a default view for AD users lower.