On 9/28/18 7:11 PM, Quanah Gibson-Mount wrote:
--On Thursday, September 27, 2018 8:16 PM -0700 Christopher Paul
> Well yeah it works now, after adding the EQUALITY rule to the
> attribute(*). Can someone pls explain this to me? I'm not getting why
> LDAP_MOD_REPLACE won't work without an EQUALITY rule.
If you mean the python LDAP_MOD_REPLACE, it's entire purpose is to
ensure it works whether or not there is an EQUALITY rule (from what I
read). If that's not working right, you probably need to take that up
with the python-ldap folks.
Since I'm the one who wrote this code I should probably comment on this:
1. You don't have to use ldap.modlist.modifyModlist() . It's just
provided for convenience in case you have old and entries and want to
let it craft the modification list for you. Still you can directly pass
whatever modlist you want to LDAPObject.modify_s() and friends.
2. The MOD_DELETE for complete deletion of all attributes values with
subsequent MOD_ADD of the new attribute value list was done because I
ran into issues with attributes without EQUALITY matching rule. This is
a rather old topic and I forgot the details.