ldapmodify – Troubleshooting File Content Changes on Linux

centos linux openldap

I'm following the steps in this thread:
Basic openldap setup using slapd.d configuration

I created and saved my own .ldif file with the changes I needed and saved it as changes.ldif. Here are the contents of the file I made:

dn: olcDatabase={2}hdb,cn=config
changetype: modify

add: olcRootPW
olcRootPW: {SSHA}oRvzr9r1qQ7Cn3xN/efmeKJQzwS0wK6z

replace: olcRootDN
olcRootDN: cn=admin,dc=softura,dc=com

replace: olcSuffix
olcSuffix: dc=softura,dc=com

Then I executed the ldapmodify command:

ldapmodify -a -Q -Y EXTERNAL -H ldapi:/// -f changes.ldif

And I was told:

modifying entry "olcDatabse={2}hdb,cn=config"

So far so good, right? But if I then open the file olcDatabase={2}hdb.ldif… nothing has changed.

EDIT:

I've changed the content of my ldif file to:

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}oRvzr9r1qQ7Cn3xN/efmeKJQzwS0wK6z
-
replace: olcRootDN
olcRootDN: cn=admin,dc=softura,dc=com
-
replace: olcSuffix
olcSuffix: dc=softura,dc=com

Now when I execute the command, I get this:

ldap_modify: Inappropriate matching (18)

additional info: modify/add: olcRootPW: no equality matching rule

Best Answer

Check the syntax of your changes.ldif. In my example, there are lines with just a - in there. These denote the end of the data block for an LDAP operation (like add or replace).

See man 5 ldif and RFC 2849.

dn: olcDatabase={2}hdb,cn=config
changetype: modify
add: olcRootPW
olcRootPW: {SSHA}oRvzr9r1qQ7Cn3xN/efmeKJQzwS0wK6z
-
replace: olcRootDN
olcRootDN: cn=admin,dc=softura,dc=com
-
replace: olcSuffix
olcSuffix: dc=softura,dc=com

LDIF files are quite arcane...
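
An added example, not part of the original answer: a small Python linter for the change-record layout the answer points to in RFC 2849, where a blank line ends a record and a line holding only `-` ends each add/replace/delete operation. The function names and sample strings are assumptions constructed here; the samples mirror the question's blank-line-separated file and the answer's dash-separated file, with a placeholder instead of the hash.

```python
import re

MOD_OPS = ("add", "delete", "replace")

def split_records(text):
    """Unfold continuation lines, drop comments, split records on blank lines."""
    text = re.sub(r"\n (?![ \t]*$)", "", text, flags=re.M)  # unfold "\n " continuations
    text = re.sub(r"(?m)^#.*\n?", "", text)                 # drop comment lines
    return [r.splitlines() for r in re.split(r"\n\s*\n", text.strip()) if r.strip()]

def lint_modify_ldif(text):
    """Return a list of findings for 'changetype: modify' records."""
    findings = []
    for n, rec in enumerate(split_records(text), 1):
        if not rec[0].lower().startswith("dn:"):
            findings.append(f"record {n}: starts with {rec[0]!r}, not 'dn:'; "
                            "a blank line ended the previous record")
            continue
        if len(rec) < 2 or rec[1].replace(" ", "").lower() != "changetype:modify":
            continue  # only modify records are checked here
        if len(rec) == 2:
            findings.append(f"record {n}: changetype modify with no operations")
        open_attr = None  # attribute of the operation not yet closed by '-'
        for line in rec[2:]:
            key, _, val = line.partition(":")
            if line.strip() == "-":
                open_attr = None
            elif key.lower() in MOD_OPS:
                if open_attr:
                    findings.append(f"record {n}: {line!r} not preceded by '-'")
                open_attr = val.strip()
            elif key.lower() != (open_attr or "").lower():
                findings.append(f"record {n}: {line!r} is outside its operation")
    # A missing '-' after the last operation is not flagged; the answer's file omits it.
    return findings

# Constructed samples mirroring the page's two files (placeholder hash).
OPS = ["add: olcRootPW\nolcRootPW: {SSHA}PLACEHOLDER",
       "replace: olcRootDN\nolcRootDN: cn=admin,dc=softura,dc=com",
       "replace: olcSuffix\nolcSuffix: dc=softura,dc=com"]
HEAD = "dn: olcDatabase={2}hdb,cn=config\nchangetype: modify\n"
BLANK_SEPARATED = HEAD + "\n" + "\n\n".join(OPS) + "\n"  # layout of the first file
DASH_SEPARATED = HEAD + "\n-\n".join(OPS) + "\n"         # layout of the answer's file

if __name__ == "__main__":
    for finding in lint_modify_ldif(BLANK_SEPARATED):
        print(finding)
```

Run over the blank-line layout, it reports one record that carries a dn and changetype but no operations, followed by three records that have no dn at all.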