On 06/26/2014 07:59 AM, Rich Megginson wrote:
On 06/26/2014 07:50 AM, Audun Røe wrote:
Hello,
I'm trying to delete some problematic entries from our 389 directory.
The entry DNs contain < and > (probably found their way into the
directory years ago). This causes problems with JNDI where DNs from
search results are fed directly back into more searches because these
particular DNs are somehow returned in in escaped form. E.g.
ou=my<problematic>entry,dc=example,dc=com becomes
ou=my\<problematic\>entry,dc=example,dc=com, causing error 32. I'm
not sure if it's the directory server or JNDI adding the escaping, as
ldapsearch from the command line doesn't seem to behave this way, but
it doesn't really matter: I want to remove the entries and get rid of
the issue. Unfortunately, I'm unable to:
$ ldapdelete -D "cn=directory manager" -WxH "ldap://example.com:389
<http://example.com:389>" "ou=my<problematic>entry,dc=example,dc=com"
Enter LDAP Password:
ldap_delete: Invalid DN syntax (34)
additional info: DN value invalid per syntax
I've also tried deleting through Apache Directory Studio, error 34
there as well.
So, any ideas on how to get rid of them? The only thing I can think
of is to db2ldif the entire directory, manually excise the entries
from the LDIF file and then re-import. But I'd rather not take this
step unless there's no other way.
You could try disabling syntax checking - nsslapd-syntaxcheck
Sorry - disable DN syntax checking - I believe that may be different
than regular syntax checking
-Audun
--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
