On Thu, 2 Jan 2014, Michael Proto wrote:
Have you tried adding a single "-" in a new line at the end of each entry before the blank newline? IIRC I have to do this when using ldapmodify commands in-line to indicate the end of a record and the beginning of a new one. Something like this:
Hmm? A review of the syntax in the LDIF spec (RFC 2849) or the examples in the ldif(5) manpage would show that a "-" line is used only after modify records with an explicit "add:", "replace:", or "delete:" line.
dn: cn=blah,dc=domain objectClass: person ... cn: blah
A quick check shows ldapadd will reject that with an error like this:
adding new entry "cn=blah,dc=domain" ldapadd: update failed: cn=blah,dc=domain ldap_add: Bad parameter to an ldap routine (-9)
It's likely that the original poster's problem is that the blank line between the entries isn't really blank but rather contains spaces. The grammar only permits line-feeds and carriage-return line-feed pairs between entries and not actual space characters. Putting a space there makes it look like a continuation of the previous line, and the next "dn:" line is just an attribute for the entry in progress.
So, use whatever tool you prefer ("cat -vet" is my preference) to verify that the blank lines are really blank and that there aren't other hidden characters in the input file.
Philip Guenther