I have a reasonably large set of data in an LDAP server. Some of the attributes appear in many places, and I would like to replace them.
The data is not enormous, but it is enough to rule out editing and export manually.
What's the best approach for this? Use an LDAP tool to find and replace them? Write a script to modify the entries? Export data and edit it locally?
Any suggestions would be helpful.
Presumably you can find all the dn's for entries where these attributes replace with something like ldapsearch '(attribute=value)' |grep ^dn and then for each entry make a ldapmodify script, so, using a bit of Python:
from subprocess import Popen, PIPE
input=('searchoutput.txt')
for line in input:
dn = line.rstrip().split()[1]
modify_str = line
modify_str += 'changetype: modify\nreplace: attribute\nattribute: newvalue'
lm = Popen('ldapmodify <various args>', shell=True, stdin=PIPE, stdout=PIPE, stderr=PIPE)
(out, err) = lm.communicate(modify_str)
if lm.wait() != 0:
sys.stderr.write('ldapmodify of {0} failed:\n{1}'.format(dn, err))
I.e. for each entry you need to modify, generate a clause that states:
dn: MyEntryCN
changetype: modify
replace: attribute
attribute: newvalue
and feed that to ldapmodify (with the relevant authentication, etc command line arguments).
