[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP editing software..

>  This is more of a philisophical question. I've beaten LDAP support into
> the version of TCL that AOLserver uses, and have a test TCL script that
> lets you view data on users. However, although LDAP Explorer is nice to
> view stuff, and add/change attributes, I now want to do some heavy work.
>  I just realised I'd no idea how to go about doing something like
>  "add an attribute to all entries under ou=3DPeople... called "status", and
> set it to "system" if the UID was less than 500, or set it to "staff" if
> they were above 500.
>  Are there any favoured ways of making such sweeping changes ? I was
> thinking of writing a tcl script to read each entry, and do the
> inspection/adding manually. Only its effort. And I think it's going to be
> effort no matter how I go about it.

I use ldap_mod_attr.pl written by Andrew J Cosgriff - which I think came as
an example program for the Perl Net::LDAPapi module (which you can find on

It takes an LDAP search filter as one of its arguments, so to solve many
problems I would do something like

ldap_mod_attr.pl 'uid>500' 'status=staff'

Unfortunately for your particular case I suspect the LDAP comparisons are
probably string compares rather than integer but the program is an extremely
useful addition to your toolkit.

	John Lines

This transmission contains information which may be confidential and  
which may also be privileged.  It is intended for the named addressee  
only.  Unless you are the named addressee, or authorised to receive it 
on behalf of the addressee you may not copy or use it, or disclose it 
to anyone else.  If you have received this transmission in error please 
contact the sender.  Thank you for your cooperation.