The upgrade process for IPA needs to be seamless and not require user intervention. For this reason we need a way to apply LDAP changes without prompting for the Directory Manager password.
Alternatives include:
I've decided to go with updating over ldapi and disabling the TCP listeners. I will also enable autobind so if we are root we'll bind over ldapi as DM and have full access without requiring a password.
Committed upsteam
Metadata Update from @rcritten: - Issue assigned to rcritten - Issue set to the milestone: FreeIPA 2.0 - 2010/06
Login to comment on this ticket.