Re: Query for attribute before adding new entry.
--On Wednesday, May 1, 2024 6:39 PM -0500 Shawn McKinney wrote: How about the slapo-unique overlay to enforce uniqueness across the DIT on the shared attribute and ldapmodify -c to continue on errors? Or, what am I missing here about the req's? That might be a solution? There's not enough detail in the requirements to say either way. --Quanah
Re: Query for attribute before adding new entry.
> On May 1, 2024, at 5:31 PM, Quanah Gibson-Mount wrote: > > > --On Wednesday, May 1, 2024 10:56 PM + "Singley, Norman" > wrote: > >> >> >> Hi All. >> >> >> >> I have had a question come down from our Enterprise information team – >> >> >> >> We currently create a separate identity in oldap for students vs >> faculty/staff, but want to start creating only one identity going >> forward. >> >> >> >> The DN in the ldif is unique for these two identities, but they do share >> a common attribute. >> >> >> >> Is there a way in the ldapmodify add process to query the whole directory >> for an attribute coming from the ldif file, and then if it doesn't >> exist reject the add for that identity, and then of course go on >> processing the rest of the file? >> >> >> >> My gut says no, or at least not without some scripting that I am not >> familiar with. > > There's not a lot of detail here that makes it easy to answer, but in general > I'd suggest using something like python-ldap, and then: > > query for attribute > exists? reject > doesn't exist? > modify or add > > It even has an LDIF parser, so you could theoretically give it your LDIF file > and have it process per-entry as noted above. You could do something similar > with Perl's perl-ldap module as well. > How about the slapo-unique overlay to enforce uniqueness across the DIT on the shared attribute and ldapmodify -c to continue on errors? Or, what am I missing here about the req’s? > --Quanah
Re: Query for attribute before adding new entry.
--On Wednesday, May 1, 2024 10:56 PM + "Singley, Norman" wrote: Hi All. I have had a question come down from our Enterprise information team – We currently create a separate identity in oldap for students vs faculty/staff, but want to start creating only one identity going forward. The DN in the ldif is unique for these two identities, but they do share a common attribute. Is there a way in the ldapmodify add process to query the whole directory for an attribute coming from the ldif file, and then if it doesn't exist reject the add for that identity, and then of course go on processing the rest of the file? My gut says no, or at least not without some scripting that I am not familiar with. There's not a lot of detail here that makes it easy to answer, but in general I'd suggest using something like python-ldap, and then: query for attribute exists? reject doesn't exist? modify or add It even has an LDIF parser, so you could theoretically give it your LDIF file and have it process per-entry as noted above. You could do something similar with Perl's perl-ldap module as well. --Quanah
Query for attribute before adding new entry.
Hi All. I have had a question come down from our Enterprise information team - We currently create a separate identity in oldap for students vs faculty/staff, but want to start creating only one identity going forward. The DN in the ldif is unique for these two identities, but they do share a common attribute. Is there a way in the ldapmodify add process to query the whole directory for an attribute coming from the ldif file, and then if it doesn't exist reject the add for that identity, and then of course go on processing the rest of the file? My gut says no, or at least not without some scripting that I am not familiar with. Thanks for your time. Norman Singley Directory Services / IT University of Montana 406 243 6799 norman.sing...@umontana.edu