Linux – Difference between openldap 2.3 and 2.4

ldaplinuxopenldap

There is a difference between openldap 2.3 and 2.4 – specifically with ldapmodify…

If no "changetype:" line is present, the default is "add" if the -a flag is set (or if the program was invoked as ldapadd) and "modify" otherwise.

If  changetype  is  "modify"  and  no "add:", "replace:", or "delete:" lines appear, the default is "replace" for ldapmodify(1) and "add" for ldapadd(1).

Does anyone have any idea how to make the 2.4 version of ldapmodify act the same way? Now my script tells me:

ldapmodify: modify operation type is missing at line xxxx

I have attempted to add the line "changetype: modify" after each dn: entry in the file I'm attempting to import, however this hasn't fixed the issue.

So, can someone clue in this stupid dude here on what I'm missing?

Example in ldif format:

# inactive, group, mydomain.net
dn: cn=inactive,ou=group,dc=mydomain,dc=net
cn: inactive
gidNumber: 9999
objectClass: top
objectClass: posixGroup

Best Answer

LDAP 2.3 needs at least only changetype atribute:

dn: uid=HOST$,ou=Computers,dc=example,dc=edu
changetype: modify
sambaSID: S-1-5-21-3806935310-923960185-3344722049-877

Version 2.4 requires additional atributes for modifying:

dn: uid=HOST$,ou=Computers,dc=example,dc=edu
changetype: modify
replace: sambaSID
sambaSID: S-1-5-21-3806935310-923960185-3344722049-877

Look at the string replace: sambaSID in the last example. On my Debian 6 first LDIF rise an error

# ldapmodify -v -xWD cn=root,dc=ecample,dc=edu -f wsmodify.ldif
ldap_initialize( <DEFAULT> )
Enter LDAP Password: 
ldapmodify: modify operation type is missing at line 3, entry "uid=HOST$,ou=Computers,dc=example,dc=edu"

Second LDIF example works fine:

# ldapmodify -v -xWD cn=root,dc=example,dc=edu -f wsmodify.ldif
ldap_initialize( <DEFAULT> )
Enter LDAP Password: 
replace sambaSID:
        S-1-5-21-3806935310-923960185-3344722049-877
modifying entry "uid=HOST$,ou=Computers,dc=example,dc=edu"
modify complete

Refer to http://www.zytrax.com/books/ldap/ch14/ for details about ldapadd and ldapmodify and http://www.zytrax.com/books/ldap/ch8/index.html#changetype for details about additional attributes.

Best regards.

Related Solutions

Ldapadd/ldapmodify: clarifications needed about these commands

The ldif for ldapmodify has a different syntax than a regular ldif. For example: if you want to add the 'foo' entry with value 'bar' you should write your ldif like this:

dn: cn=ToModify,dc=example,dc=com
changetype: Modify
add: foo
foo: bar

replace: mail
mail: new@email.com

delete: unneededEntry

This ldif will add the attribute foo with value bar, update the mail attribute to new@email.com and delete the unneededEntry. then invoke the ldapmodify command.

ldapmodify -f update.ldif

(if needed with other options like simple auth for example)

Ldap – Unable to add schema in OpenLDAP using run-time configuration cn=config

From what I can see in your LDIF you are missing the colon (:) after the olcAttributeTypes and olcObjectClasses keywords. Should look like this:

olcAttributeTypes: ( 1.3.6.1.4.1.4203.666.1.90
  NAME 'competence'
  ...

Best Answer

Related Solutions

Ldapadd/ldapmodify: clarifications needed about these commands

Ldap – Unable to add schema in OpenLDAP using run-time configuration cn=config

Related Topic