It's not a different DN. It is the value of the 'member' attribute.
I don't believe they do need to have LF separators between attributes. The data I am feeding into ldapmodify was the same data I extracted from a slightly modified version of the ldapaddusertogroup script. So this is how that script does it also.
I can use the same format to make changes that are successful. For example adding only the memberUID works fine.
BTW the original extracted code had 'add:' instead of 'replace:' for the 'member' attribute. The code below is from one of my experimental variations. Both work the same however. NOT!
Any other ideas????
Why is the content of my request being altered like this?
cheers, darryl
Bjørn Ruberg wrote:
Darryl Moore wrote:
HELP
I've been able to replace nis.schema with rfc2307bis.schema so that I can have groups with both member and memberUID attributes.
when I try using ldapmodify to add members to the group such as:
echo "dn: cn=newgrou1,ou=Groups,dc=moores,dc=ca changetype: modify add: memberUid memberUid: newuser1 replace: member member: uid=newuser1,ou=People,dc=moores,dc=ca" | /usr/bin/ldapmodify -v -y /etc/ldap.secret -D cn=admin,dc=moores,dc=ca -xH ldap://localhost
Attributes fed to ldapmodify must be separated with line feeds. First line starts with dn:, next line starts with changetype:, etc. Different DNs can be separated with empty lines.