Hello, I have a script which reads phone numbers from a CSV file and stores them in Active Directory (w2k3), so that you can find a user phone number in the address book of Exchange.
I get error messages: "comment: Error in attribute conversion operation, data 0, vece" which I can get rid of only if I set every new empty value to some string, for example to "n/a". After some searching I've found a suggestion to set LDAP_SERVER_PERMISSIVE_MODIFY_OID so that AD does not prevent me from emptying empty values: http://msdn.microsoft.com/en-us/library/aa366984.aspx Does anybody please know how to set it in Net::LDAP? And what value should I use, "1.2.840.113556.1.4.1413"? Thank you Alex PS: Here is my entire script: #!/usr/bin/perl -wT use strict; use Net::LDAPS; use Data::Dumper; $ENV{PATH} = '/bin:/usr/bin'; $Data::Dumper::Useqq = 1; use constant ROOTDN => 'OU=User Accounts,DC=XXXX,DC=com'; use constant DOMAIN => 'XXXX.com'; use constant SERVER => ['ablwdc01.' . DOMAIN, 'ablwdc02.' . DOMAIN, 'ablwdc03.' . DOMAIN]; use constant ADMIN => 'Admin'; use constant ADMPW => 'XXXXXX'; my ($ldap, $search, $mod, $href, %phones); $ldap = Net::LDAPS->new(SERVER) or die('Can not connect to LDAP server'); $ldap->bind(ADMIN . '@' . DOMAIN, password => ADMPW) or die('Can not bind to LDAP server as ' . ADMIN); while(<>) { tr/"//d; tr/\r//d; next unless /^([^,]+),[^,]+,([^,]*),([^,]*),([^,\n]*)/; my ($full, $home, $mobile, $fax) = ($1, $2, $3, $4); $full =~ s/\xDF/ss/g; # replace german umlauts by asterisks $full =~ s/[\xC0-\xFF]/\*/g; # split full name in first and last name next unless $full =~ /^(\S+)\s+(\S+)$/; my ($last, $first) = ($1, $2); my $filter = "(&(objectCategory=Person)(objectClass=User) (givenName=$first)(sn=$last))"; # WORKAROUND: AD does not like it if you set # empty attributes to empty, so use 'n/a' as default $phones{$filter} = {HOME => $home || 'n/a', MOBILE => $mobile || 'n/a', FAX => $fax || 'n/a'}; } #print Dumper(\%phones); while (my ($filter, $href) = each %phones) { $search = $ldap->search( base => ROOTDN, attrs => [qw(givenName sn)], filter => $filter, sizelimit => 1, ); $search->code() && die $search->error(); foreach my $entry ($search->entries()) { my $givenName = $entry->get_value('givenName'); my $sn = $entry->get_value('sn'); next unless $givenName && $sn; printf STDERR "%-16s %-16s -> %16s %16s %16s\n", $givenName, $sn, $href->{HOME}, $href->{MOBILE}, $href->{FAX}; $mod = $ldap->modify($entry, replace => { homePhone => $href->{HOME}, mobile => $href->{MOBILE}, facsimileTelephoneNumber => $href->{FAX} }); $mod->code() && die 'Failed to modify user: ' . $mod- >error(); #$entry->dump; } } $ldap->unbind();
