[Date Prev][Date Next]
Re: OpenLDAP Multiple User Import
On Thu, 2 Jan 2014, Michael Proto wrote:
> Have you tried adding a single "-" in a new line at the end of each
> entry before the blank newline? IIRC I have to do this when using
> ldapmodify commands in-line to indicate the end of a record and the
> beginning of a new one. Something like this:
Hmm? A review of the syntax in the LDIF spec (RFC 2849) or the examples
in the ldif(5) manpage would show that a "-" line is used only after
modify records with an explicit "add:", "replace:", or "delete:" line.
> dn: cn=blah,dc=domain
> objectClass: person
> cn: blah
A quick check shows ldapadd will reject that with an error like this:
adding new entry "cn=blah,dc=domain"
ldapadd: update failed: cn=blah,dc=domain
ldap_add: Bad parameter to an ldap routine (-9)
It's likely that the original poster's problem is that the blank line
between the entries isn't really blank but rather contains spaces. The
grammar only permits line-feeds and carriage-return line-feed pairs
between entries and not actual space characters. Putting a space there
makes it look like a continuation of the previous line, and the next "dn:"
line is just an attribute for the entry in progress.
So, use whatever tool you prefer ("cat -vet" is my preference) to verify
that the blank lines are really blank and that there aren't other hidden
characters in the input file.