On 08/14/2012 06:36 AM, Grzegorz Dwornicki wrote:
I should look similat to this:
dn: uid=jsmith,ou=users,l=uk,dc=fosiul,dc=lan
changetype: modrdn
newrrdn: uid=new_uid_value
deleteoldrdn: 1
-
changetype: modify
replace: loginshell
loginshell: /bin/nologin
-
modify: userPassword
userPassword: asfasfasfasfasfasfasfdPQ=
note - there should be no blank lines above - it appears as though the
first "-" is preceded by a blank line - there should be no blank lines
Also - userPassword should be in clear text - do not send pre-hashed
passwords to the directory server.
For more information about ldif - man ldif
If you see "::" in userPassword this means that hash/password is
ecrypted in base64 before listing in ldif. This rule apply for other
attributes aswell. Usually it's used when attribute have some
non-ascii chars. Usually you don't need to worry about it because most
apps can handle this.
I wrote it by hand soo there may be some errors. The "-" signs are
important, They mean that operation on this entry are not finished and
they provide something like transactions in databases - I noticed this
myself. All operations on entry must be correct or none will be applied.
Greg.
send from htc desire z
14-08-2012 13:40, "Fosiul Alam" <fosiul(a)gmail.com
<mailto:fosiul@gmail.com>> napisał(a):
Hi
the theme of this script is , i need to modify uid , password,
loginshell
example
ldapsearch -xZZ -D "cn=Directory Manager" -w 'testtest' -b
"dc=fosiul,dc=lan" "(cn=Fosiul Alam)" loginshell uid
userPassword
# extended LDIF
#
# LDAPv3
# base <dc=fosiul,dc=lan> with scope subtree
# filter: (cn=Fosiul Alam)
# requesting: loginshell uid userPassword
#
# falam, users, UK, fosiul.lan
dn: uid=falam,ou=users,l=UK,dc=fosiul,dc=lan
loginshell: /bin/bash
uid: falam
userPassword::
e1NTSEF9MkpYSGI2bSs3OFk5SlcySG1kOVcxdjFVUFVHMVA3eXI0dFQvZ2c9PQ=
=
# search result
search: 3
result: 0 Success
So i need to modify it with
loginshell: /bin/nologin
uid: delete_falam
userPassword:: asfasfasfasfasfasfasfdPQ=
my first question is :
what would be the ldif file format for these changes ??
Thanks for your help .
--
389 users mailing list
389-users(a)lists.fedoraproject.org
<mailto:389-users@lists.fedoraproject.org>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users