If you have an attribute with a SUP somename, the attribute type does not inherit the matching rules from somename.
Created attachment 489857 [details] 0004-Bug-693503-matching-rules-do-not-inherit-from-superi.patch
To ssh://git.fedorahosted.org/git/389/ds.git 27ff25d..466fced master -> master commit b5e708a3e907381c66fbcdba2ed1fd69a99198f3 Author: Rich Megginson <rmeggins> Date: Mon Apr 4 14:20:06 2011 -0600 Reviewed by: nkinder (Thanks!) Branch: master Fix Description: If the attribute definition specifies a superior, use the superior equality, substrings, and ordering matching rule from the superior if not specified in the child. Platforms tested: RHEL6 x86_64 Flag Day: no Doc impact: no
To ssh://git.fedorahosted.org/git/389/ds.git e2288d9..5c1cd5f 389-ds-base-1.2.8 -> 389-ds-base-1.2.8 commit 87ca67e21f99bbc553aafc06d277dc6af53aad7a Author: Rich Megginson <rmeggins> Date: Mon Apr 4 14:20:06 2011 -0600
1. create an attributetype that has SYNTAX and at least one matching rule (EQUALITY ORDERING or SUBSTRING) [root@rheltest slapd-rheltest]# ldapmodify -x -h localhost -p 1389 -D "cn=directory manager" -w Secret123 -v << EOF > dn: cn=schema > changetype: modify > add: attributetypes > attributetypes: ( 1.2.3.4.5.6.1 NAME 'dateofbirth' DESC 'For employee birthdays' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUED X-ORIGIN 'Example defined') > EOF ldap_initialize( ldap://localhost:1389 ) add attributetypes: ( 1.2.3.4.5.6.1 NAME 'dateofbirth' DESC 'For employee birthdays' EQUALITY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUED X-ORIGIN 'Example defined') modifying entry "cn=schema" modify complete 2. create an attributetype that has as the SUP the attribute from step 1) - this attribute type should not specify SYNTAX or any matching rule ldapmodify -x -h localhost -p 1389 -D "cn=directory manager" -w Secret123 -v << EOF dn: cn=schema changetype: modify add: attributetypes attributeTypes:( 2.16.840.1.113730.3.8.3.3 NAME 'enrolledBy' DESC 'DN of administrator who performed manual enrollment of the host' SUP dateofbirth X-ORIGIN 'IPA V2' ) EOF ldap_initialize( ldap://localhost:1389 ) add attributeTypes: ( 2.16.840.1.113730.3.8.3.3 NAME 'enrolledBy' DESC 'DN of administrator who performed manual enrollment of the host' SUP dateofbirth X-ORIGIN 'IPA V2' ) modifying entry "cn=schema" modify complete 3. if you search the schema via LDAP (ldapsearch ... -s base -b "cn=schema" 'objectclass=*' attributetypes) you should see the attribute type from step 2 with SYNTAX and matching rules from the SUP ldapsearch -x -h localhost -p 1389 -D "cn=Directory Manager" -w Secret123 -s base -b "cn=schema" 'objectclass=*' attributetypes attributetypes: ( 2.16.840.1.113730.3.8.3.3 NAME 'enrolledBy' DESC 'DN of admi nistrator who performed manual enrollment of the host' SUP dateofbirth EQUALI TY integerMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN ( 'IPA V2' 'use r defined' ) )