
Re: LDIF file instead of updating directory

From: Graham Barr
Date: November 29, 2010 13:47
Subject: Re: LDIF file instead of updating directory
Message ID: 99A1CAF0-0BA8-40C5-9665-1DF5D0D0A1BD@pobox.com

On Nov 29, 2010, at 15:36 , Dan Cutler wrote:

> Hi all,
> 
> I have a quick question about the Net::LDAP::LDIF module.
> 
> I noticed that the LDIF module requires the use of Net::LDAP::Entry objects since its methods are all against Entry objects...
> 
> The script snippet below is fully capable of updating the directory below, but I'd prefer to create LDIF files rather than direct updates.

If you create an LDIF object with

my $ldif = Net::LDAP::LDIF->new( "file.ldif", "w", change => 1);

then you can call $ldif->write_entry($dne); for each entry

and call $ldif->done; at the end of your script. You should have an LDIF file with changetype: modify entries in it.

Graham.

> 
> If I uncomment these two lines, the script will update directly and it works.
> 
>      #my $result = $dne->update($AD_ldap);
>      #$result->code && warn "failed to add entry for $user ", $result->error ;
> 
> Unfortunately, the LDIF file only contains the DN of the user followed by an add line like this:
> 
> dn: CN=Dan Cutler,OU=ClientX,DC=MyCompany,DC=com
> MyCompany-ClientKey: ClientX
> 
> The LDIF file is missing everything else. (like "changetype: modify", and the new attribute name "MyCompany-ClientKey").
> 
> Any Suggestions?
> 
> Thanks!!
> 
> 
> 
> $AD_ldap = Net::LDAP->new($AD_host) or die "$@";
> 
> $ldif = new Net::LDAP::LDIF ('Mirgrate_ou_name_to_attr.ldif','w',
>                              encode => 'base64',
>                              change => '1');
> 
> # bind for searches using system account
> my $AD_mesg = $AD_ldap->bind( $AD_bind_user, password => $AD_bind_pw, port => 3268);
> if ($AD_mesg->code) { print "AD bind failed with ", $AD_mesg->code , "\n"; }
> 
> 
> my $AD_result = $AD_ldap->search ( base   => $base_dn,
>                        filter => '(objectclass=organizationalUnit)',
>                        scope  => 'one',
>                        attrs  => ['name']
>                        );
> 
> my @AD_entries = $AD_result->entries;
> 
> 
> # Get AD OUs
> print "AD OUs =========================================\n";
> 
> foreach my $ADentr ( @AD_entries ) {
>   my $name = $ADentr->get_value('name');
>   my $dn = $ADentr->dn();
>   print "Finding users under OU $dn with name = $name...\n";
> 
>   my @users = users_under_ou($dn,'AD');   # sub returns all user DNs with scope=base and baseDN is the group DN
> 
>   foreach my $user (@users) {
>      print "Modifying User $user setting MyCompany-ClientKey to $name\n";
>      my $dne = Net::LDAP::Entry->new;
>      $dne->dn($user);
>      $dne->changetype('modify');
>      $dne->add (  'MyCompany-ClientKey'  =>  $name );   # quoted: a bareword containing '-' is parsed as a subtraction
>      #my $result = $dne->update($AD_ldap);
>      #$result->code && warn "failed to add entry for $user ", $result->error ;
>      #$dne->dump();
>      $ldif->write($dne);
>   }
>   print "\n";
> }
> 
> --Dan
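
Added example, not part of the original message or of the perl-ldap distribution: it builds the same kind of pending modify/add change discussed in the thread and renders it once with `$ldif->write` and once with `$ldif->write_entry`, so the two outputs can be compared before a change file is handed over for review. The second DN, the in-memory filehandle and the helper names `pending_change` and `render_ldif` are assumptions made for illustration; no directory connection is needed.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAP::Entry;
use Net::LDAP::LDIF;

# Constructed sample data modelled on the thread: user DN => OU name.
my %client_key_for = (
    'CN=Dan Cutler,OU=ClientX,DC=MyCompany,DC=com' => 'ClientX',
    'CN=Jane Doe,OU=ClientY,DC=MyCompany,DC=com'   => 'ClientY',
);

# Build a pending "modify/add" change for one user; nothing is sent to a server.
sub pending_change {
    my ($dn, $value) = @_;
    my $entry = Net::LDAP::Entry->new;
    $entry->dn($dn);
    $entry->changetype('modify');
    $entry->add('MyCompany-ClientKey' => $value);   # quoted: the name contains '-'
    return $entry;
}

# Render all pending changes to an LDIF string using the given writer method.
sub render_ldif {
    my ($method) = @_;
    my $buffer = '';
    open my $fh, '>', \$buffer or die "cannot open in-memory handle: $!";
    my $ldif = Net::LDAP::LDIF->new($fh, 'w', change => 1);
    for my $dn (sort keys %client_key_for) {
        $ldif->$method(pending_change($dn, $client_key_for{$dn}));
    }
    $ldif->done;
    close $fh;
    return $buffer;
}

# Compare both writer methods and count the change records each one produced.
for my $method (qw(write write_entry)) {
    my $out     = render_ldif($method);
    my $records = () = $out =~ /^changetype: modify$/mg;
    print "--- \$ldif->$method: $records change record(s) ---\n$out\n";
}
```

Counting `changetype: modify` lines in the generated file is a cheap sanity check to run before the LDIF is applied with a separate, reviewed step.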

