Bug 703530

Summary: [RFE] Allow Managed Entry config to be relocated to main database
Product: [Retired] 389 Reporter: Nathan Kinder <nkinder>
Component: Server - PluginsAssignee: Nathan Kinder <nkinder>
Status: CLOSED CURRENTRELEASE QA Contact: Viktor Ashirov <vashirov>
Severity: unspecified Docs Contact:
Priority: medium    
Version: 1.2.8CC: amsharma, jgalipea, rmeggins, sramling
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-12-07 16:34:27 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 690318, 708096, 726742    
Attachments:
Description Flags
Patch nhosoi: review+

Description Nathan Kinder 2011-05-10 15:31:27 UTC 
We should allow the managed entry config to be optionally located in an admin specified location.  This will allow the configuration to be replicated.  We can take advantage of the recently added nsslapd-pluginConfigArea attribute, whose value is passed to a plug-in in the pblock.
Comment 1 Nathan Kinder 2011-05-10 16:00:38 UTC 
Created attachment 498086 [details]
Patch
Comment 2 Nathan Kinder 2011-05-10 16:22:53 UTC 
Pushed to master.  Thanks to Noriko for her review!

Counting objects: 13, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (7/7), done.
Writing objects: 100% (7/7), 1.72 KiB, done.
Total 7 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   b3f6aad..11b095f  master -> master
Comment 7 Amita Sharma 2011-10-03 16:23:56 UTC 
Nathan,

Request you to please put the verification steps.

Thanks,
Amita
Comment 8 Nathan Kinder 2011-10-03 16:29:39 UTC 
(In reply to comment #7)
> Nathan,
> 
> Request you to please put the verification steps.
> 
> Thanks,
> Amita

To verify, you simply need to set the 'nsslapd-pluginConfigArea' in the main managed entry plug-in config entry in 'cn=config'.  The value of this attribute should be the DN of a container in your main database (not 'cn=config').  This container is where you will need to put your managed entry definition entries as opposed to putting them beneath the main plug-in config entry.
Comment 9 Sankar Ramalingam 2011-11-21 15:39:15 UTC 
Added a new attribute to the managed plug-in config.

[root@rhel61-ds90-sankar scripts]# /usr/bin/ldapmodify -x -p 16387 -h 10.16.98.215 -D "cn=Directory Manager" -w Secret123  << EOF
> dn: cn=Managed Entries,cn=plugins,cn=config
> changetype: modify
> replace: nsslapd-pluginConfigArea
> nsslapd-pluginConfigArea: ou=people,dc=managedentry,dc=com
> EOF
modifying entry "cn=Managed Entries,cn=plugins,cn=config"

Then, I could successfully add configuration entries.
[root@rhel61-ds90-sankar scripts]# PORT=16387; ldapsearch -x -h localhost -p $PORT -D "cn=directory manager" -w Secret123 -b "cn=UPG Definition2,ou=people,dc=managedentry,dc=com"

# UPG Definition2, people, managedentry.com
dn: cn=UPG Definition2,ou=people,dc=managedentry,dc=com
objectClass: extensibleObject
objectClass: top
cn: UPG Definition2
originscope: cn=Users2,dc=mentry,dc=com
originfilter: objectclass=posixAccount
managedbase: cn=Groups,dc=mentry,dc=com
managedtemplate: cn=UPG2 Template, dc=mentry,dc=com

# search result
search: 2
result: 0 Success

Hence marking the bug as verified.