[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: issues with equality matching and slapd death
- To: Quanah Gibson-Mount <quanah@symas.com>, Christopher Paul <chris.paul@rexconsulting.net>, openldap-technical@openldap.org
- Subject: Re: issues with equality matching and slapd death
- From: Michael Ströder <michael@stroeder.com>
- Date: Fri, 28 Sep 2018 19:36:40 +0200
- Autocrypt: addr=michael@stroeder.com; prefer-encrypt=mutual; keydata= xsBNBFbdnRoBCADj0vYA4aRwKJ6AE4mf8oElLgMT/1eLNKpJ2FYBWcwj9d8dTk5/p9b8DRxy S/qQIUUZqt9xRFZwUCm0vFeQMRDeN9xzAKoRzrJifoDOacOjG1lhZTKYvVZGgUT89Ao3QeHh Q7gPzcAKNoueoR2y3FXStOYuRrbk5PlSjVAITjsotgc7PWE9mmVYpeu8a+byK/DBHKUyolOA 1UXYvDa7MbPhMtdNm8qnwtKs1Vsyk1VkErM+5cIe+zTT6WYQcmZMRjCtWGiFTzk9W6Mdlskk WRTKhKNgokTsgcy1ecaCBUZWxv/SyXgD81+rwRi9b8Px+1reg43ayxi8sV7jrI1feybbABEB AAHNJ01pY2hhZWwgU3Ryw7ZkZXIgPG1pY2hhZWxAc3Ryb2VkZXIuY29tPsLAdwQTAQgAIQUC Vt2dGgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRAH3HrjaovJOFpTCACjO773gcmJ KvzjiNpUFl/gANyaJgIq4VbMQ7VthRb1F9X6YbdJ6Z99ntyESjGFCpjofcSomr2vJDpv6ht+ lY33yo20YwsMpqe2OeId0jPybG+FtabKjgBNoAk7iqnBGUvE4t0dz0n1LQVCQR2jxyTKmcNq OYpsRZ3H+6kWwJMuVgsNZglINVZ8JgV5QuLYN5jhYz+pOuFnU11bV6nWREvzZXzebe7g7Zus 6AsWjtJ0lDvgBNzLlF3/eFrVch6Bejs0SvuFseIdZQk+4YU6Rb8xul/jDFXIfo7eTmijO3dV T5AmC1cUi8czncwpgAJnEH8vYv23RoN/aw2gSMCS2huIzsBNBFbdnRoBCAC7L1cTVBVZZuM/ yxSUM5CsgGBlTD1Cr7C2ngZFsHSYXVLq6NUB8GZA2iLK96CrwnFw4/Jjz4llOjc50iVRMQKL RyFWOJAMrpPq2ew5T+Uoo524D//dwVbqkFVVuvM8NPiKIDyPGCjP+acM1D8hXwhOXgQ8Iz8Q 3/GRSYjitn9JrkF0ia2nhariznBKVu0LDffxF/hOCx45+QRR2/rYYlshfZMB7nEJX9P+hVfM CSzltz9Z8CldeUbiJvnyrISReR2XBw9oh8JkIUP0BtpIaify9A7EfzOk+W9BUnWe+YwdSUsB fJxOhSv+umyW5GMqZGFu+4oYnkzbe+1LUs1JarCtABEBAAHCwF8EGAEIAAkFAlbdnRoCGwwA CgkQB9x642qLyTjEUgf+JX6Atatl/QKe37yCj1OZYNPd3B0rPLJRF5mEmrADRXLZC9+uFeDS Wxxln040gnR6rjBHrRcvVmlTDiZY26iuL16+V+0/aZ9uyXNQSzk2cwDSiI/8gvr72Y+FN5fh cGXpeNHxHilYc9onzDhxyE76cwzqTKm4q2ULIH2u9IHQ5O86Fv6nHPYhe2fy1bhQapNwi/Xl 3G3i2WNH/w7m+1zWU1IddZOjmXzoxLT1BATwXGa0Tt5RjVb2mM1Wg3Zj6kqFkF2vvKcvrwj0 q0Ap5uyfN5m0uWzQMCMoaV9HQf7f5MkS1lnwBqDgnojjVAieX5uk7olUiRuPKHMfhvXulYP8 AA==
- In-reply-to: <F5209C288272287F8CBF69E2@[192.168.1.39]>
- Openpgp: id=43C8730E84A20E560722806C07DC7AE36A8BC938
- References: <f23d83db-f263-63d6-cbcf-34b23ed462a0@rexconsulting.net> <4C00FB10-C9F1-43AA-9D48-0A07FED4BF79@rexconsulting.net> <9444621599F90C8FC7E2B97B@[192.168.1.39]> <10ab8aa7-8b64-6c08-0838-354bc0c50196@rexconsulting.net> <723233FB596E61734E787E17@[192.168.1.39]> <87270bec-8e52-5c1b-5e0c-b179ff11e28a@rexconsulting.net> <F5209C288272287F8CBF69E2@[192.168.1.39]>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.0
On 9/28/18 7:11 PM, Quanah Gibson-Mount wrote:
> --On Thursday, September 27, 2018 8:16 PM -0700 Christopher Paul
> <chris.paul@rexconsulting.net> wrote:
>
>> Well yeah it works now, after adding the EQUALITY rule to the
>> attribute(*). Can someone pls explain this to me? I'm not getting why
>> LDAP_MOD_REPLACE won't work without an EQUALITY rule.
>
> If you mean the python LDAP_MOD_REPLACE, it's entire purpose is to
> ensure it works whether or not there is an EQUALITY rule (from what I
> read). If that's not working right, you probably need to take that up
> with the python-ldap folks.
Since I'm the one who wrote this code I should probably comment on this:
1. You don't have to use ldap.modlist.modifyModlist() [1]. It's just
provided for convenience in case you have old and entries and want to
let it craft the modification list for you. Still you can directly pass
whatever modlist you want to LDAPObject.modify_s() and friends.
2. The MOD_DELETE for complete deletion of all attributes values with
subsequent MOD_ADD of the new attribute value list was done because I
ran into issues with attributes without EQUALITY matching rule. This is
a rather old topic and I forgot the details.
Ciao, Michael.
[1]
https://www.python-ldap.org/en/latest/reference/ldap-modlist.html#ldap.modlist.modifyModlist
[2]
https://www.python-ldap.org/en/latest/reference/ldap.html#ldap.LDAPObject.modify_s
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature