Thanks. That's good info to know...I was trying to do to an objectClass search...and
Google wasn't helping. I did figure out that it wasn't a patch to sssd...but the
fact that I'm an idiot and completely forgot that I added an override file to sssd to
apply the mods post exec. :facepalm:
=G=
________________________________________
From: Lukas Slebodnik <lslebodn(a)redhat.com>
Sent: Tuesday, December 5, 2017 10:46 AM
To: End-user discussions about the System Security Services Daemon
Subject: [SSSD-users] Re: Stupid question
EXTERNAL
On (05/12/17 15:36), Galen Johnson wrote:
Hey,
I must be doing something stupid but how can I view the schema for the domain cache? A few
weeks ago, Sumit helped me update the schemas to add a missing index and fix a case
sensitivity issue for the mail attribute?:?
sssd cache(ldb) is schema less LDAP like database :-)
dn: @INDEXLIST
changetype: modify
add: @IDXATTR
@IDXATTR: ghost
dn: @ATTRIBUTES
changetype: modify
add: mail
mail: CASE_INSENSITIVE
When I went to apply the ldif today, both entries failed as "(Attribute or value
exists)". I looked at the yum changelog and I don't see anything that refers to
actually having fixed this. What arguments can I feed to ldbsearch to confirm that the
changes actually exist (note, I'm completely removing the cache file so it
shouldn't exist).
But if you want to check @INDEXLIST than you need to use different search scope
e.g.
sh# ldbsearch -H /var/lib/sss/db/cache_implicit_files.ldb -s base -b @INDEXLIST
asq: Unable to register control with rootdse!
# record 1
dn: @INDEXLIST
@IDXATTR: cn
@IDXATTR: objectclass
@IDXATTR: member
@IDXATTR: memberof
@IDXATTR: name
@IDXATTR: uidNumber
@IDXATTR: gidNumber
@IDXATTR: lastUpdate
@IDXATTR: dataExpireTimestamp
@IDXATTR: originalDN
@IDXATTR: nameAlias
@IDXATTR: servicePort
@IDXATTR: serviceProtocol
@IDXATTR: sudoUser
@IDXATTR: sshKnownHostsExpire
@IDXATTR: objectSIDString
@IDXATTR: ghost
@IDXATTR: userPrincipalName
@IDXATTR: canonicalUserPrincipalName
@IDXATTR: uniqueID
@IDXATTR: mail
@IDXONE: 1
distinguishedName: @INDEXLIST
# returned 1 records
# 1 entries
# 0 referrals
LS
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org