Whiteman, Craig schrieb (29.10.2012 11:59 Uhr):
by "invalid" you mean "not what I want"
and not "technically invalid",
# James + Bond, people, mi6.gov.uk
Technically this is all fine, except that - as Roman pointed out - you
did not craft your example well by not changing encodes "Steve" to
As you can see, the *cn:* and *gecos:* have the invalid values -
should be *James Bond*.
They are not invalid, they are encoded, but this is fine.
I did attempt to correct the problem with ldapmodify by putting the
following into a file called updateCN.ldif:
dn: cn=James+sn=Bond,ou=people,dc=mi6,dc=gov,dc=uk changetype:modify
replace: cn cn: James Bond
Please learn more about LDAP in general and about DN and
cn is part of your RDN, so the CN value in your RDN must be in your
object. By trying to replace the cn, this is not true anymore.
It does not make thing easier that you have a RDN combined from two
I have also tried ldapmodrdn:
ldapmodrdn -r -f updateCN.ldif
dn: cn=James Bond+sn=Bond,ou=people,dc=mi6,dc=gov,dc=uk
$ ldapmodrdn -r -f updateCN.ldif
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Internal (implementation specific)
additional info: SASL(-13): user not found: no secret in database