Ldapadd/ldapmodify: clarifications needed about these commands

ldap ldif openldap ubuntu-10.04

The ldapmodify man page states that:

The default for ldapmodify is to modify existing entries

Yet when I try to import an LDIF file with ldapmodify I get the below error:

ldapmodify: modify operation type is missing at line X

Q1: Why? Which arguments should I add to my ldapmodify command?

If I import an LDIF file using ldapadd and the entry already exists I get the below error:

ldap_add: Already exists (68)

This can be ignored using the -c switch (for continue), however ldap_add won't update existing entries. Instead, in order to update existing entries one should use ldapmodify, however ldapmodify won't add missing entries.

Q2: Is there a way to import an LDIF file by creating missing entries AND updating existing ones at the same time?

Best Answer

The LDIF for ldapmodify has a different syntax than a regular LDIF. For example, if you want to add the 'foo' entry with value 'bar', you should write your LDIF like this:

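# A line containing only "-" ends each modification; a blank line would end the whole record.
dn: cn=ToModify,dc=example,dc=com
changetype: modify
add: foo
foo: bar
-
replace: mail
mail: new@email.com
-
delete: unneededEntry
-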

This LDIF will add the attribute foo with value bar, update the mail attribute to new@email.com and delete the unneededEntry. Then invoke the ldapmodify command:

ldapmodify -f update.ldif 

(if needed with other options like simple auth for example)
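As an added example (not part of the original answer), the Python sketch below converts content-style LDIF, the kind that triggers "modify operation type is missing", into the `changetype: modify` form shown above. It goes beyond the answer's single hand-written record by handling folded lines, comments and multi-valued attributes. The function names and the sample entry are constructed for illustration.

```python
"""Turn content-style LDIF into ldapmodify change records (added example)."""
import re

SAMPLE = """\
version: 1
# constructed sample entry (not from the page)
dn: cn=ToModify,dc=example,dc=com
mail: new@email.com
mail: second@email.com
description: a long value folded
  across two lines
"""

def unfold(text):
    """Join folded lines (continuations start with one space), drop comments."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines and lines[-1]:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return [l for l in lines if not l.startswith("#")]

def records(text):
    """Split into records (lists of lines); blank lines separate records."""
    chunks = re.split(r"\n{2,}", "\n".join(unfold(text)).strip("\n"))
    return [c.split("\n") for c in chunks if c]

def content_to_modify(text):
    """Emit one modify record per entry, replacing every listed attribute."""
    out = []
    for rec in records(text):
        if rec[0].lower().startswith("version:"):
            rec = rec[1:]  # optional LDIF version line, not part of an entry
        if not rec:
            continue
        if not rec[0].lower().startswith("dn:"):
            raise ValueError("record does not start with dn: %r" % rec[0])
        attrs = {}  # lowercased attribute name -> original "name: value" lines
        for line in rec[1:]:
            attrs.setdefault(line.split(":", 1)[0].lower(), []).append(line)
        block = [rec[0], "changetype: modify"]
        for lines in attrs.values():
            block += ["replace: " + lines[0].split(":", 1)[0]] + lines + ["-"]
        out.append("\n".join(block))
    return "\n\n".join(out) + "\n"

if __name__ == "__main__":
    print(content_to_modify(SAMPLE), end="")
```

Note that `replace` overwrites all existing values of each listed attribute, so review the generated file before passing it to `ldapmodify -f`.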