[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapmodify is modifying my code

To: openldap-technical@openldap.org
Subject: Re: ldapmodify is modifying my code
From: Darryl Moore <darryl@moores.ca>
Date: Fri, 10 Jul 2009 13:17:12 -0400
In-reply-to: <hbf.20090710clzk@bombur.uio.no>
References: <4A576BA3.4080605@moores.ca> <4A576EC7.7000600@ruberg.no> <4A5770F5.20402@moores.ca> <hbf.20090710clzk@bombur.uio.no>
User-agent: Thunderbird 2.0.0.22 (X11/20090608)

Right you are. Thankyou. There really is no predicting what will happen
to your data when you work outside the spec.

I've changed it by moving my data into a file which now looks like this:

dn: cn=newgrou1,ou=Groups,dc=moores,dc=ca
changetype: modify
add: memberUid
memberUid: newuser1
add: member
member: uid=newuser1,ou=People,dc=moores,dc=ca

Then I run ldapmodify like this:

/usr/bin/ldapmodify -v -y /etc/ldap.secret -D cn=admin,dc=moores,dc=ca
-xH ldap://localhost -f ~/test.ldif

Now my reply is this:

ldap_initialize( ldap://localhost:389/??base )
ldapmodify: wrong attributeType at line 5, entry
"cn=newgrou1,ou=Groups,dc=moores,dc=ca"


Fingering my user and group reviels the following. (note the existing
member entry is from manually creating it via a GUI):


root@bison:~/ldapscripts.bkp# ldapfinger -g newgrou1
dn: cn=newgrou1,ou=Groups,dc=moores,dc=ca
objectClass: groupOfNames
objectClass: posixGroup
gidNumber: 65535
member: uid=test,dc=ca
description: Group account
cn: newgrou1


root@bison:~/ldapscripts.bkp# ldapfinger newuser1
dn: uid=newuser1,ou=People,dc=moores,dc=ca
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: shadowAccount
objectClass: posixAccount
cn: newuser1
sn: newsn
uid: newuser1
uidNumber: 65535
gidNumber: 100
homeDirectory: /home/newuser1
loginShell: /bin/bash
gecos: newuser1
description: User account
title: test


Any more pointers?

thanks,
darryl



Hallvard B Furuseth wrote:
> Darryl Moore writes:
>> It's not a different DN. It is the value of the 'member' attribute.
>>
>> I don't believe they do need to have LF separators between attributes.
> 
> Your belief is wrong.  Read - and believe - 'man ldif'.  Or read - and
> believe - the output from ldapmodify.  It told you it modified the entry
> named
>   "cn=newgrou1,ou=Groups,dc=moores,dc=ca changetype:
>   modify add: memberUid memberUid: newuser1 replace: member member:
>   uid=newuser1,ou=People,dc=moores,dc=ca"
> All of that is the DN it used.
> 
>> The data I am feeding into ldapmodify was the same data I extracted from
>> a slightly modified version of the ldapaddusertogroup script. So this is
>> how that script does it also.
> 
> So your extraction script is broken, maybe it did echo `something`
> instead of echo "`something`".  Or your cut&paste from the extraction is
> broken.
>

Follow-Ups:
- Re: ldapmodify is modifying my code
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

References:
- ldapmodify is modifying my code
  - From: Darryl Moore <darryl@moores.ca>
- Re: ldapmodify is modifying my code
  - From: Bjørn Ruberg <bjorn@ruberg.no>
- Re: ldapmodify is modifying my code
  - From: Darryl Moore <darryl@moores.ca>
- Re: ldapmodify is modifying my code
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Re: ldapmodify is modifying my code
Next by Date: Re: ldapmodify is modifying my code
Index(es):
- Chronological
- Thread