Say you have an ldap entry with the following DN:
That entry also has an attribute for the RDN
Due to this code when reading an existing entry...
https://github.com/Pryz/terraform-provider-ldap/blob/afa6d2163df3fd1e320c45ee2772e3c2b6bae0f8/resource_ldap_object.go#L335-L342
... the RDN attribute is skipped
Therefore, when running a terraform apply, with an entry that has not changed, the terraform-provider-ldap thinks that the entry has changed since the entry read from LDAP does not have the RDN attribute (due to it being skipped), but the config does have it.
This leads to the terraform-provider-ldap attempting to update the entry, even though it does not need updating. The plan will show something like:
attributes.3552807835.uid: "" => "john.doe"
When the entry is attempted to be updated, the ldap server will return an error like this:
* ldap_object.user.1: LDAP Result Code 20 "Attribute Or Value Exists": modify/add: uid: value #0 already exists
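
A simplified Go model of the behaviour described above, added here as an illustration and not the provider's own code: `readEntry`, `pendingAdds`, the `keepDeclared` switch and the sample DN are assumptions made for the example. It shows why dropping the RDN attribute on read makes an unchanged entry plan as `uid: "" => "john.doe"`, and one possible way to avoid that spurious diff.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Entry maps attribute name to a set of values (constructed stand-in for an LDAP entry).
type Entry map[string]map[string]bool

// rdnAttr returns the attribute name of the leftmost RDN (simplified: no escapes, no "+").
func rdnAttr(dn string) string {
	return strings.TrimSpace(strings.SplitN(strings.SplitN(dn, ",", 2)[0], "=", 2)[0])
}

// readEntry models the read step. keepDeclared=false always drops the RDN attribute
// (the behaviour in the issue); true drops it only when config does not declare it.
func readEntry(dn string, server, config Entry, keepDeclared bool) Entry {
	state := Entry{}
	for name, values := range server {
		_, declared := config[name]
		if strings.EqualFold(name, rdnAttr(dn)) && !(keepDeclared && declared) {
			continue
		}
		state[name] = values
	}
	return state
}

// pendingAdds lists config "attr=value" pairs missing from state: the plan's "" => value,
// which apply would send to the server as a modify/add.
func pendingAdds(config, state Entry) []string {
	adds := []string{}
	for name, values := range config {
		for v := range values {
			if !state[name][v] { // indexing a missing attribute yields false
				adds = append(adds, name+"="+v)
			}
		}
	}
	sort.Strings(adds)
	return adds
}

func main() {
	dn := "uid=john.doe,ou=people,dc=example,dc=com" // constructed DN
	e := Entry{"uid": {"john.doe": true}, "cn": {"John Doe": true}}
	fmt.Println(pendingAdds(e, readEntry(dn, e, e, false)), pendingAdds(e, readEntry(dn, e, e, true)))
}
```

With the RDN attribute always skipped, the model reports `uid=john.doe` as a pending add even though the server already holds it, which is the modify/add the server rejects with result code 20.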