Re: adding objectClass and Attributes to existing users

["Medievalist" <ldap@HBCS.Org>]

Personally, I stop slapd, slapcat the database (which gives me a backup ldif in 
case I screw up), use gawk to make the modifications I want, rename the old 
database files in /var/lib/ldap (which gives me a backup db in case I screw up) 
and slapadd the gawk'ed ldif back in.  

Some people prefer perl, but I just write awk scripts on the fly which run 
faster anyway.  Either way the scripting's pretty easy. For example:

gawk '{print $0};/^dn:.+ou=People/{print "objectclass: ShadowAccount"}' 
old.ldif >nu.ldif

will tack a ShadowAccount objectclass on each entry in ou=People (watch out for 
case sensitivity in these kinds of things, though).  Obviously this is a very 
trivial example; to actually populate the shadow fields would take more code.

Ldapadd'ing to a live database doesn't give you a very good backout strategy, 
by comparison, and it's slow compared to slapadd.  Also, by having slapd turned 
off while you are munging your data, you avoid having other processes change 
data while you aren't looking.

--Charlie

PS: Mad props to Arnold Robbins for g(nu)awk, the best awk there is!
--C


On 6 Apr 2004 at 16:34, Jason Gray wrote:
>
> Is there a script out there that will allow me to add a series of new
> ObjectClass and Attributes to existing users?
> 
> I need to add these ObjectClasses:
> 
> inetMailRouting
> inetMailUser
> inetSubscriber
> shadowAccount
> 
> 
> I need to add these Attributes with values:
> 
> inetAuthorizedServices = cn=pop3,ou=inet,dc=bardel,dc=ca
> inetMailUserVersion = etc
> inetSubscriberStatus = etc
> mail = etc
> mailDeliveryOption = etc
> mailHost = etc
> mailQuota = etc
> 
> I have 120 users on the system and to manually add each ObjectClass and
> Attribute will take forever.  Can I use the ldapadd function?
> 
> Thanks,
> 
> Jason
>