Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Creating an entry to add or modify values

156 views
Skip to first unread message

Dmitry Katsubo

unread,
May 11, 2009, 2:45:28 PM5/11/09
to perl...@perl.org
Dear Perl LDAP users!

I have some difficulties while trying to update the LDAP entry. I have
looked through the mail archive and I see that this topic is raised
quite often.

Ideally I would like to create an entry, that I would like to use either
for adding or for updating (the choice is not known at the moment of
creation). I see from debug output, that "changetype=add", but I call
$ldap->modify() which should override this...


=== CODE ===
my $entry = Net::LDAP::Entry->new();
my $ldif = Net::LDAP::LDIF->new(\*STDOUT, 'w', 'encode' => 'base64',
'change' => 1);

$entry->add('objectClass' => [ qw(inetOrgPerson mozillaAbPersonAlpha) ]);

# Somehow computed value, $1 = first name, $2 = surname:
$entry->dn("cn=$1 $2");

# These entries only when adding a new entry:
$entry->add(
'givenName' => $1,
'sn' => $2,
'cn' => "$1 $2",
'mail' => $contact->{email}
);

# These entries when adding/updating a new entry:
$entry->replace('mail' => $contact->{email});
$entry->replace('telephoneNumber' => $contact->{'telephone'});
$entry->replace('mobile' => $contact->{'mobile'});

eval { $ldap->search('base' => $entry->dn(), 'filter' => '(cn=*)',
'scope' => 'base', 'sizelimit' => 1) };

if ($@)
{
print "Adding " . $entry->dn() . "\n";
eval { $ldap->add($entry) };
carp $@ if $@;
}
else
{
print "Updating " . $entry->dn() . "\n";
$ldif->write_entry($entry);
$ldap->debug(15);
$ldap->modify($entry);
}
=== END OF CODE ===

=== OUTPUT ===
Updating cn=Dmitry Katsubo,cn=persons,cn=centurion

dn: cn=Dmitry Katsubo,cn=persons,cn=centurion
changetype: add
objectClass: inetOrgPerson
objectClass: mozillaAbPersonAlpha
givenName: Dmitry
sn: Katsubo
cn: Dmitry Katsubo
mail: Dmitry Katsubo <dmitry....@gmail.com>
mobile: +31 65 196-30-34

Net::LDAP=HASH(0x2165c1c) sending:

30 32 02 01 03 66 2D 04 29 63 6E 3D 44 6D 69 74 02...f-.)cn=Dmit
72 79 20 4B 61 74 73 75 62 6F 2C 63 6E 3D 70 65 ry Katsubo,cn=pe
72 73 6F 6E 73 2C 63 6E 3D 63 65 6E 74 75 72 69 rsons,cn=centuri
6F 6E 30 00 __ __ __ __ __ __ __ __ __ __ __ __ on0.

0000 50: SEQUENCE {
0002 1: INTEGER = 3
0005 45: [APPLICATION 6] {
0007 41: STRING = 'cn=Dmitry Katsubo,cn=persons,cn=centurion'
0032 0: SEQUENCE {
0034 : }
0034 : }
0034 : }
Net::LDAP=HASH(0x2165c1c) received:

30 0C 02 01 03 67 07 0A 01 00 04 00 04 00 __ __ 0....g........

0000 12: SEQUENCE {
0002 1: INTEGER = 3
0005 7: [APPLICATION 7] {
0007 1: ENUM = 0
000A 0: STRING = ''
000C 0: STRING = ''
000E : }
000E : }
=== END OF OUTPUT ===

I also tried the following:

$entry->changetype('modify')->update($ldap);

instead of

$ldap->modify($entry);

with no effect (also debug was not shown).
Can somebody give an advice how to update the entry correctly?

Thanks!

Dmitry Katsubo

unread,
May 14, 2009, 7:57:36 AM5/14/09
to perl...@perl.org
Hi all!

After some playing with the module I've found out, that the type of the
entity should be defined _before_ you are going to add or replace
something in it. That should be mentioned in Net::LDAP::Entry pod, I
think. So, if you do:

my $entry = Net::LDAP::Entry->new('DN');
$entry->add('givenName' => $1);


$entry->changetype('modify')->update($ldap);

It will not work (will simply do nothing). Instead one should write:

my $entry = Net::LDAP::Entry->new('DN');
$entry->changetype('modify');
$entry->add('givenName' => $1);
$entry->update($ldap);

So, if one want the entry to be OK both for adding and for replacing do
the following:

my $entry = Net::LDAP::Entry->new('DN'); # 'add' is default changetype
$entry->add('givenName' => $1); # only for addingg
$entry->changetype('modify');
$entry->replace('mail' => $2); # for adding and updating
$entry->add(...);
$entry->update($ldap);

Correct me, if I am wrong.

Thanks!

Peter Marschall

unread,
May 14, 2009, 10:29:27 AM5/14/09
to perl...@perl.org
Hi Dmitry,

On Thursday, 14. May 2009, Dmitry Katsubo wrote:
> So, if one want the entry to be OK both for adding and for replacing do
> the following:

What do you mean exactly by "one entry both for adding and replacing" ?
Do you want to add/replace attributes in an existing entry ?

Or do you want to create an Entry object, push it to the server and
hope it is correctly set up so that it can be added, when it does not
exist there yet, or modified if it already exists there?

If you know the DN already, why don't you do a
search(base => $DN, scope=>'base', filter=>'(objectclass=*)')
before and try to get the entry from the server.
If there is one, you get a nice Net::LDAP::Entry object with the
changetype set to 'modify'; if there is none, you know, you need
to create one yourself (where the changetype is automatically set
to 'add' ;-).

> my $entry = Net::LDAP::Entry->new('DN'); # 'add' is default changetype
> $entry->add('givenName' => $1); # only for addingg
> $entry->changetype('modify');
> $entry->replace('mail' => $2); # for adding and updating
> $entry->add(...);
> $entry->update($ldap);

Personally I do not consider this approach a safe one.

Regards
Peter
--
Peter Marschall
pe...@adpm.de

0 new messages