On 9/13/24 11:48 AM, Quanah Gibson-Mount wrote:
--On Friday, September 13, 2024 10:59 AM -0400 Brendan Kearney bpk678@gmail.com wrote:
sadly, my command-line-fu is lacking and most of the tools i use will not work (they all crash and cannot enumerate the base of dc=bpk2,dc=com). i am trying:
ldapdelete "cACertificate;binary,dc=bpk2,dc=com"
and
ldapdelete "cACertificate,dc=bpk2,dc=com"
but both attempts return:
ldap_delete: Invalid DN syntax (34)
additional info: invalid DN
ldapdelete is for deleting entire entries. If you want to remove attributes, you use ldapmodify.
ldapmodify ...
dn: ...
changetype: modify
delete: cACertificate
-
delete: cAPrivateKey
-
delete: objectClass
objectClass: autoCA
--Quanah
i took several tries at this and each different try fails...
[brendan@x1titanium ~]$ ldapmodify
SASL/GSSAPI authentication started
SASL username: brendan@BPK2.COM
SASL SSF: 256
SASL data security layer installed.
dn: dc=bpk2,dc=com
changetype: modify
delete: cACertificate
-
delete: cAPrivateKey
-
delete: objectClass
objectClass: autoCA

modifying entry "dc=bpk2,dc=com"
ldap_modify: Undefined attribute type (17)
additional info: cACertificate: requires ;binary transfer
ok, add the ";binary" string to the attribute to be deleted...
[brendan@x1titanium ~]$ ldapmodify
SASL/GSSAPI authentication started
SASL username: brendan@BPK2.COM
SASL SSF: 256
SASL data security layer installed.
dn: dc=bpk2,dc=com
changetype: modify
delete: cACertificate;binary
-
delete: cAPrivateKey;binary
-
delete: objectClass
objectClass: autoCA

modifying entry "dc=bpk2,dc=com"
ldap_modify: Invalid syntax (21)
additional info: objectClass: value #0 invalid per syntax
ok, try deleting the attributes only, instead of the attributes and the objectClass all at once...
[brendan@x1titanium ~]$ ldapmodify
SASL/GSSAPI authentication started
SASL username: brendan@BPK2.COM
SASL SSF: 256
SASL data security layer installed.
dn: dc=bpk2,dc=com
changetype: modify
delete: cACertificate;binary
-
delete: cAPrivateKey;binary

modifying entry "dc=bpk2,dc=com"
ldap_modify: Object class violation (65)
additional info: unrecognized objectClass 'autoCA'
i have no idea why the attempts to delete the attributes and objectClass fail. is adding the ";binary" string to the attribute the correct action to overcome the error?
thanks,
brendan