hello,
just a little follow-up:
- this is quick and dirty. it assumes cn is monovalued which may not be true in your DIT - I assume you just wanted a quick script for a oneshot. if you want a script that you can regularly run to "fix" your database, you should take the time to properly write one with perl, python or whatever
I usually use bash+awk for quick & dirty, but I took the time to rewrite the script in python using the python-ldap library:
LDAP_URL = 'ldap://server' USER_DN = 'cn=writer,dc=domain,dc=tld' CREDENTIALS = 'supersecret' BASE_DN = 'dc=domain,dc=tld' FILTER = '(&(ou:dn:=people)(!(ou=system))(!(displayName=*)))'
import ldap l = ldap.initialize(LDAP_URL) l.bind_s(USER_DN, CREDENTIALS, ldap.AUTH_SIMPLE) result = l.search_s(BASE_DN, ldap.SCOPE_SUBTREE, FILTER, ['cn']) for dn, entry in result: l.modify_s(dn, (ldap.MOD_REPLACE, 'displayName', entry['cn'][0])) l.unbind_s()
enjoy, regards, Jephté
2017-02-01 19:52 GMT+04:00 Jephte Clain jephte.clain@univ-reunion.fr:
using michaël's filter, you could try this:
ldapsearch [options] '(&(ou:dn:=people)(!(ou=system))(!(displayName=*)))' cn | awk ' /^dn:/ { print print "changetype: modify" print "replace: displayName" next } /^cn:/ { sub(/^cn/, "displayName") } { print } ' | ldapmodify [options]
we aren't doing your homework, are we? :-)
regards, Jephté
2017-02-01 18:50 GMT+04:00 Michael Ströder michael@stroeder.com:
Nick Milas wrote:
Does anyone have a ready-made script (e.g. bash) that would do the
following:
Loop on all entries in the ou=people branch where ou <> "system" { If attribute DisplayName does not exist{ Set DisplayName to the value of attibute cn } }
You could use this LDAP filter to retrieve all entries you have to modify and their 'cn' attribute:
(&(ou:dn:=people)(!(ou=system))(!(displayName=*)))
Applying this simple LDIF to all the entries found is left as exercise to the reader:
dn: cn=dummy,ou=people,dc=example,dc=com changetype: modify add: displayName displayName: <value taken from 'cn'>
Ciao, Michael.