[SSSD-users] Re: Stupid question
On (05/12/17 15:36), Galen Johnson wrote:
Hey,
I must be doing something stupid but how can I view the schema for the domain cache? A few
weeks ago, Sumit helped me update the schemas to add a missing index and fix a case
sensitivity issue for the mail attribute?:?
sssd cache(ldb) is schema less LDAP like database :-)
dn: @INDEXLIST
changetype: modify
add: @IDXATTR
@IDXATTR: ghost
dn: @ATTRIBUTES
changetype: modify
add: mail
mail: CASE_INSENSITIVE
When I went to apply the ldif today, both entries failed as "(Attribute or value
exists)". I looked at the yum changelog and I don't see anything that refers to
actually having fixed this. What arguments can I feed to ldbsearch to confirm that the
changes actually exist (note, I'm completely removing the cache file so it
shouldn't exist).
But if you want to check @INDEXLIST than you need to use different search scope
e.g.
sh# ldbsearch -H /var/lib/sss/db/cache_implicit_files.ldb -s base -b @INDEXLIST
asq: Unable to register control with rootdse!
# record 1
dn: @INDEXLIST
@IDXATTR: cn
@IDXATTR: objectclass
@IDXATTR: member
@IDXATTR: memberof
@IDXATTR: name
@IDXATTR: uidNumber
@IDXATTR: gidNumber
@IDXATTR: lastUpdate
@IDXATTR: dataExpireTimestamp
@IDXATTR: originalDN
@IDXATTR: nameAlias
@IDXATTR: servicePort
@IDXATTR: serviceProtocol
@IDXATTR: sudoUser
@IDXATTR: sshKnownHostsExpire
@IDXATTR: objectSIDString
@IDXATTR: ghost
@IDXATTR: userPrincipalName
@IDXATTR: canonicalUserPrincipalName
@IDXATTR: uniqueID
@IDXATTR: mail
@IDXONE: 1
distinguishedName: @INDEXLIST
# returned 1 records
# 1 entries
# 0 referrals
LS