If an Active Directory user wants to update its password, he will target the entry in the compat tree. slapi-nis should "redirect" the ldap req from the compat tree to the real tree.
For this, slapi-nis should implement a pre-extop callback that catches the specific OID 1.3.6.1.4.1.4203.1.11.1 extended op https://www.ietf.org/rfc/rfc3062.txt. Then mapping the real entry from compat entry, it should set SLAPI_TARGET_SDN with the real entry DN.
This ticket has dependencies upon:
attachment 0001-slapi-nis-should-allow-password-update-on-a-virtual-.patch
4.4.0 was released, moving open tickets to 4.4.1
This ticket is fixed in slapi-nis 0.56-1
Closing it
slapi-nis master
Metadata Update from @tbordaz: - Issue assigned to tbordaz - Issue set to the milestone: FreeIPA 4.4.1
Login to comment on this ticket.