Thanks Graham,
I must still be missing something. I still get no changetype:modify or the new
attr in the LDIF file.
I changed my $ldif line to be this:
$ldif = Net::LDAP::LDIF->new ('changes.ldif','w', changes => '1');
And the other lines to be this:
...
my $dne = Net::LDAP::Entry->new;
$dne->dn($user);
$dne->changetype('modify');
$dne->add ( MyCompany-ClientKey => $name );
$ldif->write_entry($dne);
}
}
$ldif->done();
Am I still missing something or doing something else wrong?
Thanks again Graham!
-----Original Message-----
From: Graham Barr [mailto:[email protected]]
Sent: Monday, November 29, 2010 4:47 PM
To: Dan Cutler
Cc: [email protected]
Subject: Re: LDIF file instead of updating directory
On Nov 29, 2010, at 15:36 , Dan Cutler wrote:
> Hi all,
>
> I have a quick question about the Net::LDAP::LDIF module.
>
> I noticed that the LDIF module requires the use of Net::LDAP::Entry objects
> since its methods are all against Entry objects...
>
> The script snippet below is fully capable of updating the directory below,
> but I'd prefer to create LDIF files rather than direct updates.
If you create an LDIF object with
my $ldif = Net::LDAP::LDIF->new( "file.ldif", "w", changes => 1);
then you can call $ldif->write_entry($dne); for each entry
and call $ldif->done; at the end of your script. you should have an ldif file
with changetype: modify entries in it.
Graham.
>
> If I uncomment these two lines, the script will update directly and it works.
>
> #my $result = $dne->update($AD_ldap);
> #$result->code && warn "failed to add entry for $user ", $result->error ;
>
> Unfortunately, the LDIF file only contains the DN of the user followed by an
> add line like this:
>
> dn: CN=Dan Cutler,OU=ClientX,DC=MyCompany,DC=com
> MyCompany-ClientKey: ClientX
>
> The LDIF file is missing everything else. (like "changetype: modify", and the
> new attribute name "MyCompany-ClientKey").
>
> Any Suggestions?
>
> Thanks!!
>
>
>
> $AD_ldap = Net::LDAP->new($AD_host) or die "$@";
>
> $ldif = new Net::LDAP::LDIF ('Mirgrate_ou_name_to_attr.ldif','w',
> encode => 'base64',
> change => '1');
>
> # bind for searches using system account
> my $AD_mesg = $AD_ldap->bind( $AD_bind_user, password => $AD_bind_pw, port =>
> 3268);
> if ($AD_mesg->code) { print "AD bind failed with ", $AD_mesg->code , "\n"; }
>
>
> my $AD_result = $AD_ldap->search ( base => $base_dn,
> filter => '(objectclass=organizationalUnit)',
> scope => 'one',
> attrs => ['name']
> );
>
> my @AD_entries = $AD_result->entries;
>
>
> # Get AD OUs
> print "AD OUs =========================================\n";
>
> foreach my $ADentr ( @AD_entries ) {
> my $name = $ADentr->get_value('name');
> my $dn = $ADentr->dn();
> print "Finding users under OU $dn with name = $name...\n";
>
> my @users = users_under_ou($dn,'AD'); # sub returns all user DNs with
> scope=base and baseDN is the group DN
>
> foreach my $user (@users) {
> print "Modifying User $user setting MyCompany-ClientKey to $name\n";
> my $dne = Net::LDAP::Entry->new;
> $dne->dn($user);
> $dne->changetype('modify');
> $dne->add ( MyCompany-ClientKey => $name );
> #my $result = $dne->update($AD_ldap);
> #$result->code && warn "failed to add entry for $user ", $result->error ;
> #$dne->dump();
> $ldif->write($dne);
> }
> print "\n";
> }
>
> --Dan
