[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: update with perl

alois blasbichler wrote:
> Hello list
> We use openldap 2.3.39.
> I want to add with a perl-script to all my users this attributes :
> objectClass: orcluser
> orclpassword: xxxxxxxxx
> I dont now how do that with a script.
> Actually my users haves this objectClasses :
> objectClass: top
> objectClass: hordePerson
> objectClass: shadowAccount
> objectClass: posixAccount
> objectClass: person
> objectClass: inetOrgPerson
> objectClass: SuSEeMailObject
> objectClass: sambaSamAccount
> I defined an :
> objectclass (
>                NAME 'inetorcluser'
>                DESC 'inetorcluser'
>                SUP ( inetOrgPerson $ orcluser ) STRUCTURAL
>             )
> And so  when i with an ldap-browser export an user, then after deleting
> this user i add in the ldif-datei  the followings attributes:
> objectClass: inetorcluser
> objectClass: orcluser
> orclpassword: xxxxxxxxx
> then i can  import this user fine.
> That for one user is ok but for a lot of users how can i do that - i
> tried with perl - but without success.

You can't change the structural objectClass of an entry: that would be a
violation of the LDAP data model.

With OpenLDAP's slapd you can do this only by means of the "relax"
control, which relaxes consistency checks __during__ an operation, only
requiring them to be in force at the end of the operation (namely, with
that control in place you can change the structural objectClass of an
entry, but the resulting entry must comply with the LDAP specifications).

In OpenLDAP 2.3, the "relax" control is called "manageDIT" (not to be
confused with "manageDSAit"), and its OID is
(it's experimental).

All you need to do consists in adding that control to the LDAP modify


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it