Goal

Implement a new "list-dn" option for dsidm tool in Directory server.

Existing "list" option only displays RDN, e.g. CN of an entry. When there are multiple entries of the same type with identical RDNs, but different DNs, they are undistinguishable in the result of "list" option. The "get" option that returns detailed info about the entry based on it's RDN, is not working as it cannot handle search with multiple results. Thus the user has no option to determine DNs of these entries with dsidm tool.

"list-dn" option would show the list of DNs of entries.

Example of the issue:

# dsidm localhost -b dc=example,dc=com role list
No objects to display

# dsidm localhost -b dc=example,dc=com role create-managed --cn test_role
Successfully created test_role

# dsidm localhost -b dc=example,dc=com role get test_role

dn: cn=test_role,dc=example,dc=com
cn: test_role
objectClass: nsSimpleRoleDefinition
objectClass: nsManagedRoleDefinition
objectClass: nsRoleDefinition
objectClass: ldapSubEntry
objectClass: top

{{# (adding another, filtered role via ldapmodify) }}
Enter LDAP Password: 
adding new entry "cn=test_role,ou=people,dc=example,dc=com"

# dsidm localhost -b dc=example,dc=com role list
test_role
test_role

# dsidm localhost -b dc=example,dc=com role get test_role
Error: Too many objects matched selection criteria: test_role (&(&(objectclass=top)(objectclass=LDAPsubentry)(objectclass=nsRoleDefinition))(|(cn=test_role)))