On 16/12/2011 3:22 μμ, Hallvard Breien Furuseth wrote:
With 'changetype: modify', for every attribute type you need 'add:<attrtype>' in front and a line with just '-' after, to separate it from next attr.type. See 1st 'man ldapmodify' example.
Beyond that - it's usually easier to help when you give the error message and the command line you used, not just "it fails".
Thanks for the reply.
I have tried using ldapmodify and the following ldif file:
dn: uid=userx,ou=people,dc=example,dc=com changetype: modify add: ObjectClass objectClass: posixAccount - add: uidNumber uidNumber: 1700 - add: homeDirectory homeDirectory: /var/members/userx - add: gidNumber gidNumber: 48 - add: loginShell loginShell: /bin/false
I found that this works fine using the openldap ldapmodify tool. Unfortunately, however, it doesn't work with any other tool (that's why I didn't succeed before). I tried with phpLDAPadmin 1.1.0.7, JXplorer (3.3 beta) and ApacheDS (2.0.0 beta) and all return an error.
phpLDAPadmin: LDIF Parse Error / Description: The attribute to modify doesnt match the one specified by the add attribute. JXplorer: javax.naming.directory.InvalidAttributeIdentifierException: [LDAP: error code 17 - add: attribute type undefined] ApacheDS: #!ERROR Record is invalid
Some incompatibility in LDIF syntax perhaps? I'll continue testing to see what should be acceptable LDIF syntax for such tools.
Any feedback/experience will be welcome.
Thanks, Nick