Re: Modifying every entry in an LDAP address book

[Buchan Milne <bgmilne@staff.telkomsa.net>]

On Monday 14 July 2008 14:20:56 Carr, Chris wrote:
> Hi All,
>
> Apologies if this is a stupid question, but I can't find the answer via
> Google.
>
> I need to make the same modification to every entry in my address book.
> Can I do this with a single ldapmodify command? If so, what is the
> syntax for the mod file? I'm assuming something like this:
>
> dn: ??
> changetype: modify
> add: objectClass
> objectClass: evolutionPerson
>
> ... but I can't think what the DN would be, since I don't really
> understand how wildcards work in DNs, if at all.

You would have to do a search to generate a list of DNs.

E.g. something like this could work:

ldapsearch -LLL -x -D <dn_with_unlimited_size_access> -W -b 
ou=addressbook,dc=mydomain 1.1  |perl -p0e 's/\n\n/\nadd: 
objectclass\nobjectclass: evolutionPerson\n\n/g' | ldapmodify -c -x -D 
<dn_with_write_access> -W 

> The entries I want to 
> modify are all in ou=addressbook,dc=mydomain, but all have different
> cns.

What cn they have is irrelevant, the DN is all that matters.

> Second, some of the entries already have that object class - will this
> cause a problem? Will ldapmodify simply ignore those entries,

It will continue if you give it the -c flag, as documented in the man page.

> or create 
> a duplicate identical objectClass,

This is impossible.

> or crash? 

That would be a bug.

> Many thanks in advance,