|
 |
89cb6d |
From 68b3ed5adb1512f352d0e6dba0073352966fa2d8 Mon Sep 17 00:00:00 2001
|
|
|
89cb6d |
From: =?UTF-8?q?Fran=C3=A7ois=20Cami?= <fcami@redhat.com>
|
|
|
89cb6d |
Date: Fri, 22 Jan 2021 14:35:59 +0200
|
|
|
89cb6d |
Subject: [PATCH] Add more indices
|
|
|
89cb6d |
MIME-Version: 1.0
|
|
|
89cb6d |
Content-Type: text/plain; charset=UTF-8
|
|
|
89cb6d |
Content-Transfer-Encoding: 8bit
|
|
|
89cb6d |
|
|
|
89cb6d |
Manual backport of 9f0ec27e9f13ed40b8e58162d99bf9b0e8b4afd5.
|
|
|
89cb6d |
Original commit message:
|
|
|
89cb6d |
****************************************************
|
|
|
89cb6d |
ipaCASubjectDN is used by lightweight sub CA feature.
|
|
|
89cb6d |
|
|
|
89cb6d |
ipaExternalMember is used by KRB driver to assemble MS-PAC records.
|
|
|
89cb6d |
|
|
|
89cb6d |
ipaNTSecurityIdentifier was only index for "pres" and was missing an
|
|
|
89cb6d |
index on "eq". Samba and ipasam perform queries with SID string.
|
|
|
89cb6d |
|
|
|
89cb6d |
memberPrincipal is used by S4U2Proxy constrained delegation and by
|
|
|
89cb6d |
ipa-custodia.
|
|
|
89cb6d |
|
|
|
89cb6d |
Also note that dnaHostname, ipServiceProtocol, ipaCertSubject, and
|
|
|
89cb6d |
ipaKeyUsage are currently not index because an index would rarely used
|
|
|
89cb6d |
or have a poor selectivity.
|
|
|
89cb6d |
|
|
|
89cb6d |
Signed-off-by: Christian Heimes <cheimes@redhat.com>
|
|
|
89cb6d |
****************************************************
|
|
|
89cb6d |
|
|
|
89cb6d |
The ipaNTSecurityIdentifier entry was missing in ipa-4-6 and is
|
|
|
89cb6d |
added by this commit.
|
|
|
89cb6d |
|
|
|
89cb6d |
Fixes: https://pagure.io/freeipa/issue/8677
|
|
|
89cb6d |
Signed-off-by: François Cami <fcami@redhat.com>
|
|
|
89cb6d |
Reviewed-By: Florence Blanc-Renaud <flo@redhat.com>
|
|
|
89cb6d |
---
|
|
|
89cb6d |
install/updates/20-indices.update | 29 +++++++++++++++++++++++++++++
|
|
|
89cb6d |
1 file changed, 29 insertions(+)
|
|
|
89cb6d |
|
|
|
89cb6d |
diff --git a/install/updates/20-indices.update b/install/updates/20-indices.update
|
|
|
89cb6d |
index 6798f50c80754c9f27f458d4a7d70a4cf7f26f74..0032387536196af5f3b72c15a4ce72a79fec9288 100644
|
|
|
89cb6d |
--- a/install/updates/20-indices.update
|
|
|
89cb6d |
+++ b/install/updates/20-indices.update
|
|
|
89cb6d |
@@ -380,3 +380,32 @@ default: objectClass: top
|
|
|
89cb6d |
default: objectClass: nsIndex
|
|
|
89cb6d |
default: nsSystemIndex: false
|
|
|
89cb6d |
default: nsIndexType: eq
|
|
|
89cb6d |
+
|
|
|
89cb6d |
+dn: cn=ipaCASubjectDN,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config
|
|
|
89cb6d |
+only:cn: ipaCASubjectDN
|
|
|
89cb6d |
+default:objectClass: nsIndex
|
|
|
89cb6d |
+default:objectClass: top
|
|
|
89cb6d |
+default:nsSystemIndex: false
|
|
|
89cb6d |
+add:nsIndexType: eq
|
|
|
89cb6d |
+
|
|
|
89cb6d |
+dn: cn=ipaExternalMember,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config
|
|
|
89cb6d |
+only:cn: ipaExternalMember
|
|
|
89cb6d |
+default:objectClass: nsIndex
|
|
|
89cb6d |
+default:objectClass: top
|
|
|
89cb6d |
+default:nsSystemIndex: false
|
|
|
89cb6d |
+add:nsIndexType: eq
|
|
|
89cb6d |
+
|
|
|
89cb6d |
+dn: cn=memberPrincipal,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config
|
|
|
89cb6d |
+only:cn: memberPrincipal
|
|
|
89cb6d |
+default:objectClass: nsIndex
|
|
|
89cb6d |
+default:objectClass: top
|
|
|
89cb6d |
+default:nsSystemIndex: false
|
|
|
89cb6d |
+add:nsIndexType: eq
|
|
|
89cb6d |
+
|
|
|
89cb6d |
+dn: cn=ipaNTSecurityIdentifier,cn=index,cn=userRoot,cn=ldbm database,cn=plugins,cn=config
|
|
|
89cb6d |
+only: cn: ipaNTSecurityIdentifier
|
|
|
89cb6d |
+default: objectClass: top
|
|
|
89cb6d |
+default: objectClass: nsIndex
|
|
|
89cb6d |
+default: nsSystemIndex: false
|
|
|
89cb6d |
+add: nsIndexType: eq
|
|
|
89cb6d |
+add: nsIndexType: pres
|
|
|
89cb6d |
--
|
|
|
89cb6d |
2.26.2
|
|
|
89cb6d |
|