hashicorp / vault-plugin-secrets-openldap

OpenLDAP secret engine for Vault
Mozilla Public License 2.0

Prevent overwriting of schema and password_policy values on update of config #74

Closed elliesterner closed 1 year ago

elliesterner commented 1 year ago

password_policy and schema were getting overwritten on update.

Example:

# create config
vault write open/config \
  binddn="cn=admin,dc=hashicorp,dc=com" \
  bindpass="admin" schema="ad" password_policy="3" \
  url="ldap://ldap"

# check that password_policy and schema are there
vault read open/config

# update config
vault write open/config \
  bindpass="admin2"

# see that password_policy is gone and schema defaults to "openldap" and not "ad"
vault read open/config

Overview

A high-level description of the contribution, including:

Who the change affects or is for (stakeholders)? Anyone who updates their LDAP config.

What is the change? Check to see if there is an existing value in storage for password_policy and schema. If the request does not update these properties, maintain the original values.

Why is the change needed? Values were getting deleted or set back to default.

How does this change affect the user experience (if at all)?

Related Issues/Pull Requests

Contributor Checklist
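The update behaviour described in this pull request, modelled as an added example (not the plugin's code): `Config`, `pick`, `UpdateOverwrite` and `UpdatePreserve` are hypothetical names, and the request is simplified to a map holding only the fields the caller supplied.

```go
package main

import "fmt"

// Config is a hypothetical stand-in for the config entry kept in storage.
type Config struct {
	BindDN, BindPass, URL, Schema, PasswordPolicy string
}

const defaultSchema = "openldap" // default named in the report above

// pick returns the request's value for key if the caller supplied one,
// otherwise the fallback.
func pick(req map[string]string, key, fallback string) string {
	if v, ok := req[key]; ok {
		return v
	}
	return fallback
}

// UpdateOverwrite models the reported behaviour: schema and password_policy
// fall back to defaults instead of to what is stored.
func UpdateOverwrite(stored Config, req map[string]string) Config {
	return Config{
		BindDN:         pick(req, "binddn", stored.BindDN),
		BindPass:       pick(req, "bindpass", stored.BindPass),
		URL:            pick(req, "url", stored.URL),
		Schema:         pick(req, "schema", defaultSchema),
		PasswordPolicy: pick(req, "password_policy", ""),
	}
}

// UpdatePreserve models the described fix: a field the request omits keeps
// its stored value; the default applies only when nothing is stored yet.
func UpdatePreserve(stored Config, req map[string]string) Config {
	cfg := UpdateOverwrite(stored, req)
	if stored.Schema == "" {
		stored.Schema = defaultSchema
	}
	cfg.Schema = pick(req, "schema", stored.Schema)
	cfg.PasswordPolicy = pick(req, "password_policy", stored.PasswordPolicy)
	return cfg
}

func main() {
	// Constructed values mirroring the commands in the report.
	stored := Config{"cn=admin,dc=hashicorp,dc=com", "admin", "ldap://ldap", "ad", "3"}
	req := map[string]string{"bindpass": "admin2"}
	fmt.Printf("overwrite: %+v\n", UpdateOverwrite(stored, req))
	fmt.Printf("preserve:  %+v\n", UpdatePreserve(stored, req))
}
```

Because `pick` tests for presence and not for a non-empty value, a request that sends `password_policy=""` still clears the policy on purpose, while a request that omits the field leaves it alone.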