Today at 2:19pm, Michael Ströder wrote:
Frank Swasey wrote:
Today at 1:02pm, Dave Horsfall wrote:
What do people use for bulk updates? Examples would be changing the
"gidNumber" for a bunch of users, or shifting users from one OU/suffix
into another.
My ldap server is OpenLDAP, I use slapcat, followed by a custom perl script
that uses Net::LDAP's ldif abilities to read and write ldif files making
any changes I need to, followed by an ldap_diff and then an ldapmodify.
This is a combination of a command-line tool, a custom Perl script, another
Perl script and another command-line tool probably started as a Unix pipe.
Most times it's ok but it's a nightmare if you want to implement tighter
error handling.
I don't use pipes, I use human eyeballs and testing on a subset of
records to catch logic errors then run the series of commands
sequentially dealing with files.
So I'd rather recommend to implement a script which searches for the entries
to be modified via LDAP and directly apply the modifications entry-by-entry
via LDAP. So if anything goes wrong the script itself can decide based upon a
particular LDAP error code what to do (e.g. do some sanitizing, abort all
processing, etc.).
that works too. In my version, ldapmodify will yell and scream if I
messed up the ldif (and didn't catch it when I looked through it).
Both implementation variants always needs careful testing though!
absolutely!
Ciao, Michael.
---
You are currently subscribed to [email protected] as: [EMAIL PROTECTED]
To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE
as the SUBJECT of the message.
--
Frank Swasey | http://www.uvm.edu/~fcs
Sr Systems Administrator | Always remember: You are UNIQUE,
University of Vermont | just like everyone else.
"I am not young enough to know everything." - Oscar Wilde (1854-1900)
---
You are currently subscribed to [email protected] as: [EMAIL PROTECTED]
To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the
SUBJECT of the message.
