Moving a user from one OU to another

612 views
Skip to first unread message

David Hahn

unread,
Aug 8, 2013, 11:36:36 AM8/8/13
to ruby...@googlegroups.com
I have hit a snag in my integration with Active Directory. I need to be able to move users from one OU to another. I'm using net-ldap 0.5.0 and have dug around in the source code and found out you could do this 

    $ldap.rename(
                 olddn: "cn=bradford ricechip,ou=agents,ou=ihs,ou=test environment,dc=ctatechs,dc=com", 
                 newrdn: "cn=bradford ricechip", 
                 new_superior: "ou=coach,ou=ihs,ou=test environment,dc=ctatechs,dc=com"
    ) 

 I'm getting: `#<OpenStruct code=53, error_message="00000057: LdapErr: DSID-0C090A95, comment: Old RDN must be deleted, data 0, v1772\x00", matched_dn="", message="Unwilling to perform">
`. I guess I don't understand how I can delete the old RDN then move the user to a new OU.

This is the only issue I'm having. If I need to provide anything else just let me know.

Lee Folkman

unread,
Jan 9, 2014, 4:51:34 PM1/9/14
to ruby...@googlegroups.com
Where you able to figure this out?  I posted to your Stack Overflow question.  It seems that adding 'delete_attributes: true' to your arguments is supposed to delete the old RDN; however it isn't working for me either.

dh...@ctatechs.com

unread,
Jan 9, 2014, 5:22:37 PM1/9/14
to ruby...@googlegroups.com

This is how we accomplished it:

@ldap.rename(olddn: user.dn, newrdn: "CN=#{user.cn.first}",  delete_attributes: truenew_superior: "#{new_ou},DC=ctatechs,DC=com")

it's been awhile since last working with it, but it still works for us. Also, we use the version on github not the rubygems version. I think it's the newest version available.

Lee Folkman

unread,
Jan 9, 2014, 5:57:26 PM1/9/14
to ruby...@googlegroups.com
I'm also using the version directly from github (0.5.0), but I'm still getting the "Unwilling to perform. Old RDN must be deleted" error.  We're using Samba4 active directory.  

Justin Stanczak

unread,
Jul 28, 2014, 3:53:03 PM7/28/14
to ruby...@googlegroups.com

Anyone figure this out?

Lee Folkman

unread,
Jul 28, 2014, 3:56:35 PM7/28/14
to ruby...@googlegroups.com

Justin Stanczak

unread,
Jul 31, 2014, 8:05:57 AM7/31/14
to ruby...@googlegroups.com
Thanks.

Rayhan Muktader

unread,
Dec 21, 2018, 4:44:44 PM12/21/18
to Ruby LDAP

 My understanding is that the following code should do the job. However, it returns false. There is no error, warning or exceptions. How do I debug why this isn't working?

secure_ldap.rename(
    olddn: self.dn, 
    newrdn: "CN=#{self.cn}", 
    delete_attributes: true, 
    new_superior: "#{ou}"
  )

Harry Sbr

unread,
Jan 16, 2019, 12:27:58 PM1/16/19
to Ruby LDAP
Hey. We're experiencing the same error. You can get the response with the get_operation_result method on your ldap connection object.
Reply all
Reply to author
Forward
0 new messages