It's not possible to add/delete boolean attribute idnsAllowDynUpdate in DNS zone.
Error examples are attached in dnszone-mod, zone object is in zone.ldif.
Same error like for ipa dnszone-mod --addattr "LDAP: error code 21 - idnsAllowDynUpdate: value #0 invalid per syntax" appears if value is added/modified by hand and is not uppercase. ("True" is not accepted by server, but "TRUE" is accepted.)
Wrong string conversion before calling LDAP?
commands and error messages dnszone-mod
attachment zone.ldif
attachment freeipa-mkosek-221-fix-encoding-for-setattr-addattr-delattr.patch
Patch freeipa-mkosek-221-fix-encoding-for-setattr-addattr-delattr.patch sent for review
Root cause: Attribute values passed by --{set,add,del}attr parameters were normalized and validated using appropriate parameter, but were never encoded for the backend. This prevents manipulation with dirsrv BOOL attributes as framework tries to pass boolean value instead of encoded "TRUE"/"FALSE" values.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=797561
Moving to next month iteration.
master: eeee8e1
ipa-2-2: bd0a6aa
Metadata Update from @pspacek: - Issue assigned to mkosek - Issue set to the milestone: FreeIPA 2.2 Core Effort - 2012/03
Login to comment on this ticket.