Pryz / terraform-provider-ldap

LDAP provider for Terraform
MIT License

Not possible to create the root object of a ldap tree #3

Open kasimon opened 7 years ago

kasimon commented 7 years ago

The fact that you have to specify db and base_dn makes it impossible to address the root object of an ldap tree with this provider, because even if I leave base_dn empty, the stray comma will cause a syntax error. This prevents me from initializing a completely empty ldap tree with terraform. My proposal would be to not add the concatenation comma when it's empty.

Thinking more about it, for the purpose of this provider maybe it would be sensible not to use base_dn at all. If you define the desired state of an ldap directory with terraform, there should be no ambiguity where an entry will be placed. And as far as I understand the code (my Go is not very fluent), if the provider will create an item it will be located at $dn,$basedn whereas it will find an existing item $dn anywhere below $base_dn. In my opinion $dn should be the complete dn of an entry and the provider should look for the item only at exactly that position (that would be an ldap search with filter="objectClass=*", scope="one", basedn="$dn").
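
The two points raised in the comment above (joining dn and base_dn without a stray comma, and a lookup anywhere below base_dn versus a lookup at one exact DN), as an added Go example that is not the provider's code and not part of any comment. The function names, the in-memory directory and the simplified DN normalization are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed sample directory, not taken from the issue.
var sampleDir = []string{"dc=example,dc=com", "ou=people,dc=example,dc=com", "ou=people,ou=legacy,dc=example,dc=com"}

// normalizeDN lower-cases a DN and drops empty components (escaped commas are not handled).
func normalizeDN(dn string) string {
	var out []string
	for _, p := range strings.Split(dn, ",") {
		if p = strings.TrimSpace(p); p != "" {
			out = append(out, strings.ToLower(p))
		}
	}
	return strings.Join(out, ",")
}

// joinDN builds "dn,baseDN"; an empty baseDN (root object) leaves no trailing comma.
func joinDN(dn, baseDN string) string { return normalizeDN(dn + "," + baseDN) }

// findBelow models the lookup described above: dn matched anywhere at or below baseDN.
func findBelow(dir []string, dn, baseDN string) (hits []string) {
	d, b := normalizeDN(dn), normalizeDN(baseDN)
	for _, e := range dir {
		n := normalizeDN(e)
		starts := n == d || strings.HasPrefix(n, d+",")
		under := b == "" || n == b || strings.HasSuffix(n, ","+b)
		if starts && under {
			hits = append(hits, e)
		}
	}
	return hits
}

// findExact matches only the entry whose complete DN equals fullDN.
func findExact(dir []string, fullDN string) (hits []string) {
	for _, e := range dir {
		if normalizeDN(e) == normalizeDN(fullDN) {
			hits = append(hits, e)
		}
	}
	return hits
}

func main() { fmt.Println(findBelow(sampleDir, "ou=people", "dc=example,dc=com")) }
```

On the constructed directory, `findBelow` returns two entries for `ou=people` while `findExact` on the joined DN returns one, which is the placement ambiguity the comment describes.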

dihedron commented 7 years ago

Hi @kasimon please take a look at my pull request; I hope @Pryz will pull it otherwise you may still want to give a try to my fork. Cheers!

kasimon commented 7 years ago

Hi @dihedron,

I definitely will look at your fork as soon as I manage to free some time for it. Looks very good!

Pryz commented 7 years ago

I will close this issue as fixed since we merged https://github.com/Pryz/terraform-provider-ldap/pull/4 :)

dihedron commented 7 years ago

Hi @kasimon, can you please provide feedback? The latest pull request should have addressed your issue. Thanks!

kasimon commented 7 years ago

Hi @dihedron, sorry I was ill for two weeks. I will try to verify your change in the next days, if my work backlog allows it.