We should allow the managed entry config to be optionally located in an admin specified location. This will allow the configuration to be replicated. We can take advantage of the recently added nsslapd-pluginConfigArea attribute, whose value is passed to a plug-in in the pblock.
Created attachment 498086 [details]
Pushed to master. Thanks to Noriko for her review!
Counting objects: 13, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (7/7), done.
Writing objects: 100% (7/7), 1.72 KiB, done.
Total 7 (delta 4), reused 0 (delta 0)
b3f6aad..11b095f master -> master
Request you to please put the verification steps.
(In reply to comment #7)
> Request you to please put the verification steps.
To verify, you simply need to set the 'nsslapd-pluginConfigArea' in the main managed entry plug-in config entry in 'cn=config'. The value of this attribute should be the DN of a container in your main database (not 'cn=config'). This container is where you will need to put your managed entry definition entries as opposed to putting them beneath the main plug-in config entry.
Added a new attribute to the managed plug-in config.
[root@rhel61-ds90-sankar scripts]# /usr/bin/ldapmodify -x -p 16387 -h 10.16.98.215 -D "cn=Directory Manager" -w Secret123 << EOF
> dn: cn=Managed Entries,cn=plugins,cn=config
> changetype: modify
> replace: nsslapd-pluginConfigArea
> nsslapd-pluginConfigArea: ou=people,dc=managedentry,dc=com
modifying entry "cn=Managed Entries,cn=plugins,cn=config"
Then, I could successfully add configuration entries.
[root@rhel61-ds90-sankar scripts]# PORT=16387; ldapsearch -x -h localhost -p $PORT -D "cn=directory manager" -w Secret123 -b "cn=UPG Definition2,ou=people,dc=managedentry,dc=com"
# UPG Definition2, people, managedentry.com
dn: cn=UPG Definition2,ou=people,dc=managedentry,dc=com
cn: UPG Definition2
managedtemplate: cn=UPG2 Template, dc=mentry,dc=com
# search result
result: 0 Success
Hence marking the bug as verified.