[Freeipa-devel] [freeipa PR#4502][opened] Upgrade rfc2307 schema

URL: https://github.com/freeipa/freeipa/pull/4502 Author: abbra Title: #4502: Upgrade rfc2307 schema Action: opened PR body: """ Update nisDomain and nisDomainObject to follow actual RFC2307bis schema When RFC2307bis-based schema was added to FreeIPA and Fedora Directory in 2008, wrong OIDs were used for nisDomain attribute and nisDomainObject compared to the actual RFC2307bis schema. FreeIPA installed own schema version by default as rfc2307bis.ldif first and then as 15rfc2307bis.ldif. Fedora Directory (later 389-ds) kept it as 60nis.ldif in optional content and never installed into a working instance. Recently, 389-ds decided to unify various RFC 2307-related schema files and install them by default. As result, FreeIPA-provided nisDomain attribute and nisDomainObject objectclass started to conflict with the ones installed by default by 389-ds. All other attributes from 15rfc2307bis.ldif are not in use by FreeIPA. Since they are provided in 389-ds starting with 1.4.3.5 anyway, it makes no sense to keep them shipped. This pull request updates 15rfc2307bis.ldif to only contain two entries which FreeIPA depends on. - attribute 'nisDomain' - objectclass 'nisDomainObject' The definition of 'nisDomain' attribute and 'nisDomainObject' objectclass were updated to be compatible with 389-ds 1.4.3.5+. Fixes: http://pagure.io/freeipa/issue/8258 This issue needs resolution from 389-ds side as well, we aren't agreed fully yet how to solve multiple-master replication problem. For details please see https://pagure.io/389-ds-base/issue/50933, https://pagure.io/389-ds-base/pull-request/51009, https://pagure.io/389-ds-base/pull-request/50934#comment-115218, and two Fedora 32 bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1821548 and https://bugzilla.redhat.com/show_bug.cgi?id=1820176 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/4502/head:pr4502 git checkout pr4502