13084 – Replacing a SINGLE-VALUE with "add a new value, then delete the old value" modify entry in an LDIF

Bug 13084 - Replacing a SINGLE-VALUE with "add a new value, then delete the old value" modify entry in an LDIF

Summary: Replacing a SINGLE-VALUE with "add a new value, then delete the old value" mo...

Status:	NEW

Alias:	None

Product:	Samba 4.1 and newer
Classification:	Unclassified
Component:	AD: LDB/DSDB/SAMDB (show other bugs)
Version:	4.7.0
Hardware:	All All

Importance:	P5 normal (vote)
Target Milestone:	---
Assignee:	Andrew Bartlett
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-10-13 06:57 UTC by SATOH Fumiyasu
Modified:	2017-10-28 10:17 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description SATOH Fumiyasu 2017-10-13 06:57:32 UTC

Samba AD rejests the following operation, but Windows AD accepts it:

```console
$ cat modify.ldif
dn: CN=test9,CN=Users,DC=example,DC=co,DC=jp
changetype: modify
add: sn
sn: new-value
-
delete: sn
sn: old-value
$ ldapmodify \
  -ZZ \
  -H ldap://dc1.example.co.jp/ \
  -x 
  -D idmanager@example.co.jp \
  -w idmanager-pass \
  <modify.ldif \
;
modifying entry "CN=test9,CN=Users,DC=example,DC=co,DC=jp"
ldap_modify: Type or value exists (20)
        additional info: 0000200D: SINGLE-VALUE attribute sn on CN=test9,CN=Users,DC=example,DC=co,DC=jp specified more than once
```

Comment 1 SATOH Fumiyasu 2017-10-13 07:04:53 UTC

OpenLDAP server accepts too.