Overview#
LDAP_SERVER_PERMISSIVE_MODIFY is a SupportedControl which was defined by Microsoft stating that it "Allows an LDAP modify to work under less restrictive conditions. Without it, a delete will fail if an attribute done not exist, and an add will fail if an attribute already exists. No data is needed in this control."The Microsoft defined permissive modify request control. The OID for this control is 1.2.840.113556.1.4.1413, and it does not have a value.
This control can only be used with LDAP modify requests. It changes the behavior of the modify operation as follows:
- Attempts to add an attribute value which already exists will be ignored and will not cause an AttributeValueExists error result to be returned.
- Attempts to delete an attribute value which does not exist will be ignored and will not cause an NoSuchAttribute error result to be returned.
In other words, a modify request add modification ensures that the attribute contains the specified attribute value, and a delete modification ensures that the attribute does not contain the specified attribute value.
From what we can tell, this is passed in a Modify Request and there is no expected response.
