Craig,
Whiteman, Craig schrieb (29.10.2012 11:59 Uhr):
A bug in a PHP script http://www.linuxquestions.org/questions/showthread.php?p=4813771 has caused some entries in the LDAP database http://www.linuxquestions.org/questions/showthread.php?p=4813771 to have invalid values:
by "invalid" you mean "not what I want" and not "technically invalid", right?
# James + Bond, people, mi6.gov.uk dn: cn=James+sn=Bond,ou=people,dc=mi6,dc=gov,dc=uk sn: Bond givenName: James cn:: U3RldmUg gecos:: U3RldmUg
Technically this is all fine, except that - as Roman pointed out - you did not craft your example well by not changing encodes "Steve" to "James".
As you can see, the *cn:* and *gecos:* have the invalid values - they should be *James Bond*.
They are not invalid, they are encoded, but this is fine.
I did attempt to correct the problem with ldapmodify by putting the following into a file called updateCN.ldif:
dn: cn=James+sn=Bond,ou=people,dc=mi6,dc=gov,dc=uk changetype:modify replace: cn cn: James Bond
Please learn more about LDAP in general and about DN and RDN. cn is part of your RDN, so the CN value in your RDN must be in your object. By trying to replace the cn, this is not true anymore.
It does not make thing easier that you have a RDN combined from two attributes.
I have also tried ldapmodrdn: ldapmodrdn -r -f updateCN.ldif with updateCN.ldif:
dn: cn=James Bond+sn=Bond,ou=people,dc=mi6,dc=gov,dc=uk cn=James Bond
$ ldapmodrdn -r -f updateCN.ldif
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)
additional info: SASL(-13): user not found: no secret in database
please read "man ldapmodrdn".
Marc