[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapmodify command question...

Looking at man page, I think I will have to run two instances of ldapmodify. If infile.ldif is my starting ldif file, I can run:

ldapmodify -D "cn=..." -w XXX -S noexist.ldif -x -r -f infile.ldif

The -r will cause existing entries to be overwritten (which I want), the -S will cause errors to be written to noexist.ldif and skipped. In my case, the errors would be entries where the dn does not exist in ldap. So, after the above, just run:

ldapmodify -D "..." -w XXX -x -a -f noexist.ldif

That effectively does what I want to achieve, right?!


On Aug 10, 2004, at 8:53 PM, Quanah Gibson-Mount wrote:

--On Tuesday, August 10, 2004 8:28 PM -0400 John Von Essen <john@essenz.com> wrote:

Is it possible to do the following:

I have a couple hundred DN's in an ldif file that look like:

dn: uid=bob,o=domain.com
uid: bob
mail: bob@domain.com
cn: Bob Jones

The question is some of the dn's in my ldif file are new and do not exist
in LDAP server (so I add them with -x -a -f). Some entries however, do
already exist in LDAP - but I want to get rid of what is currently in
LDAP and force the ADD of what is in the ldif file. The entry in ldif
might be identical to what is in LDAP, or it might be different - either
way, the data in the ldif file is superior.

I suggest a single pass first, finding what ones already exist. Delete them, then use ldapadd to add the entire file.


Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

John Von Essen (john@essenz.com)
President, Essenz Consulting (www.essenz.com)
Phone: (800) 248-1736
Fax: (800) 852-3387