Thanks. That's good info to know...I was trying to do to an objectClass search...and Google wasn't helping. I did figure out that it wasn't a patch to sssd...but the fact that I'm an idiot and completely forgot that I added an override file to sssd to apply the mods post exec. :facepalm:
=G= ________________________________________ From: Lukas Slebodnik <lsleb...@redhat.com> Sent: Tuesday, December 5, 2017 10:46 AM To: End-user discussions about the System Security Services Daemon Subject: [SSSD-users] Re: Stupid question EXTERNAL On (05/12/17 15:36), Galen Johnson wrote: >Hey, > > >I must be doing something stupid but how can I view the schema for the domain >cache? A few weeks ago, Sumit helped me update the schemas to add a missing >index and fix a case sensitivity issue for the mail attribute?:? > sssd cache(ldb) is schema less LDAP like database :-) > >dn: @INDEXLIST >changetype: modify >add: @IDXATTR >@IDXATTR: ghost > >dn: @ATTRIBUTES >changetype: modify >add: mail >mail: CASE_INSENSITIVE > > >When I went to apply the ldif today, both entries failed as "(Attribute or >value exists)". I looked at the yum changelog and I don't see anything that >refers to actually having fixed this. What arguments can I feed to ldbsearch >to confirm that the changes actually exist (note, I'm completely removing the >cache file so it shouldn't exist). > But if you want to check @INDEXLIST than you need to use different search scope e.g. sh# ldbsearch -H /var/lib/sss/db/cache_implicit_files.ldb -s base -b @INDEXLIST asq: Unable to register control with rootdse! # record 1 dn: @INDEXLIST @IDXATTR: cn @IDXATTR: objectclass @IDXATTR: member @IDXATTR: memberof @IDXATTR: name @IDXATTR: uidNumber @IDXATTR: gidNumber @IDXATTR: lastUpdate @IDXATTR: dataExpireTimestamp @IDXATTR: originalDN @IDXATTR: nameAlias @IDXATTR: servicePort @IDXATTR: serviceProtocol @IDXATTR: sudoUser @IDXATTR: sshKnownHostsExpire @IDXATTR: objectSIDString @IDXATTR: ghost @IDXATTR: userPrincipalName @IDXATTR: canonicalUserPrincipalName @IDXATTR: uniqueID @IDXATTR: mail @IDXONE: 1 distinguishedName: @INDEXLIST # returned 1 records # 1 entries # 0 referrals LS _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org _______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org
