Problems importing from LDIF file generated with python-ldap
Hi.
I am sorry if this is a stupid question. I have pretty basic knowledge
of both LDAP and python, and am having trouble with some scripts for
creating LDAP records, written by my predecessor.
This script worked fine from an Ubuntu 7.10 client environment before
the summer, but now, after actually upgrading to Ubuntu 8.04, the
script yields an error message when adding the user to groups, using
the modify changetype operator. The offending statement looks like
this:
#
dn: cn=audio,ou=Group,dc=ourdc,dc=no
changetype: modify
memberUid: newuser
#
The errormessage from ldapmodify:
#
[EMAIL PROTECTED]:~$ /usr/bin/ldapmodify -ZZ -h ldap.server -D
"cn=Manager,dc=ourdc,dc=no" -w passwrrd -x -a -f ./newaccounts.ldif
adding new entry "uid=newuser,ou=people,dc=ourdc,dc=no"
adding new entry "cn=newuser,ou=Group,dc=ourdc,dc=no"
ldapmodify: modify operation type is missing at line 26, entry
"cn=audio,ou=Group,dc=ourdc,dc=no"
[EMAIL PROTECTED]:~$
#
When I look in the LDAP docs, this looks reasonable, as it states that
you ned an "add: memberUid" statement with the changetype: modify. But
how come it worked before? And when I try to incorporate this into the
LDIF generator script, which uses python-ldap, it just won't work. The
relevant code looked like this:
#
# add the new user to a set of default groups:
# audio, cdrom, floppy, plugdev, video
entry={ 'changetype' : ['modify'],
'memberUid': [username],
}
dn='cn=audio,ou=Group,dc=ourdc,dc=no'
ldif_writer=ldif.LDIFWriter(newusers)
ldif_writer.unparse(dn,entry)
#
I thought I could add another element to the dict, "'add':
['memberUid']", but that's probably a naiive assumption, and wishful
thinking. When I add it between the changetype and memberuid elements,
it will appear in the top of the LDIF statement, which won't work:
My "improvement":
#
# add the new user to a set of default groups:
# audio, cdrom, floppy, plugdev, video
entry={ 'changetype' : ['modify'],
'add': ['memberUid'],
'memberUid': [username],
}
dn='cn=audio,ou=Group,dc=ourdc,dc=no'
ldif_writer=ldif.LDIFWriter(newusers)
ldif_writer.unparse(dn,entry)
#
Result:
dn: cn=audio,ou=Group,dc=ourdc,dc=no
add: memberUid
changetype: modify
memberUid: newuser
Here the add and changetype statements should be the other way
(changetype first, add afterwards), if I understand the docs right. If
I do that manually in the LDIF file, ldapmodify will add the user to
the audio group with no complaints. But I haven't been able to do that
thru the python-ldap libraries.
Could someone please point me to where I've totally misunderstood
here, or how I could make this right with python-ldap (adding the user
to audio group)?
Thanks from a noob.
Lars Erik
Lars Erik
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
___
Python-LDAP-dev mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/python-ldap-dev
Re: Problems importing from LDIF file generated with python-ldap
Lars Erik Kolden wrote:
> ldapmodify: modify operation type is missing at line 26, entry
> "cn=audio,ou=Group,dc=ourdc,dc=no"
> [..]
> When I look in the LDAP docs, this looks reasonable, as it states that
> you ned an "add: memberUid" statement with the changetype: modify. But
> how come it worked before? And when I try to incorporate this into the
> LDIF generator script, which uses python-ldap, it just won't work.
I don't know why it worked in the past. The LDIF generator script is
wrong since it uses module ldif for generating entry records (provided
by a dict) instead of providing a modification list (list type) which
would make LDIFWriter.unparse() to generate a change record.
See __doc__ string in ldif.py:
class LDIFWriter:
[..]
def unparse(self,dn,record):
"""
dn
string-representation of distinguished name
record
Either a dictionary holding the LDAP entry {attrtype:record}
or a list with a modify list like for LDAPObject.modify().
"""
> relevant code looked like this:
>
> #
> # add the new user to a set of default groups:
> # audio, cdrom, floppy, plugdev, video
>
> entry={ 'changetype' : ['modify'],
> 'memberUid': [username],
> }
> dn='cn=audio,ou=Group,dc=ourdc,dc=no'
> ldif_writer=ldif.LDIFWriter(newusers)
> ldif_writer.unparse(dn,entry)
Should be:
modlist=[(ldap.MOD_ADD,'memberUid',[username])]
ldif_writer.unparse(dn,modlist)
BTW: Anyway I'd recommend to directly use a LDAP connection for this
task, not generate LDIF and then using command-line tools. This would
give you much better control in case of LDAP errors.
Ciao, Michael.
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
___
Python-LDAP-dev mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/python-ldap-dev
Re: Problems importing from LDIF file generated with python-ldap
Thanks a lot, this worked perfectly! You really saved my day (or week,
for that matter). I will rewrite the script when I have the time and
maybe a better understanding of LDAP and Python-ldap.
Best regards,
Lars Erik
On Wed, Aug 13, 2008 at 3:28 PM, Michael Ströder <[EMAIL PROTECTED]> wrote:
> Lars Erik Kolden wrote:
>>
>> ldapmodify: modify operation type is missing at line 26, entry
>> "cn=audio,ou=Group,dc=ourdc,dc=no"
>> [..]
>> When I look in the LDAP docs, this looks reasonable, as it states that
>> you ned an "add: memberUid" statement with the changetype: modify. But
>> how come it worked before? And when I try to incorporate this into the
>> LDIF generator script, which uses python-ldap, it just won't work.
>
> I don't know why it worked in the past. The LDIF generator script is wrong
> since it uses module ldif for generating entry records (provided by a dict)
> instead of providing a modification list (list type) which would make
> LDIFWriter.unparse() to generate a change record.
>
> See __doc__ string in ldif.py:
>
> class LDIFWriter:
> [..]
> def unparse(self,dn,record):
>"""
>dn
> string-representation of distinguished name
>record
> Either a dictionary holding the LDAP entry {attrtype:record}
> or a list with a modify list like for LDAPObject.modify().
>"""
>
>> relevant code looked like this:
>>
>> #
>> # add the new user to a set of default groups:
>> # audio, cdrom, floppy, plugdev, video
>>
>> entry={ 'changetype' : ['modify'],
>> 'memberUid': [username],
>> }
>> dn='cn=audio,ou=Group,dc=ourdc,dc=no'
>> ldif_writer=ldif.LDIFWriter(newusers)
>> ldif_writer.unparse(dn,entry)
>
> Should be:
>
> modlist=[(ldap.MOD_ADD,'memberUid',[username])]
> ldif_writer.unparse(dn,modlist)
>
> BTW: Anyway I'd recommend to directly use a LDAP connection for this task,
> not generate LDIF and then using command-line tools. This would give you
> much better control in case of LDAP errors.
>
> Ciao, Michael.
>
-
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
___
Python-LDAP-dev mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/python-ldap-dev
