问题
I am currently working with LDAP which is on a UNIX server. The main purpose for me right now is to modify two entries in the directory by Ldapmodify through command line. The command is as follows:
ldapmodify -a -D 'cn=ldap,dc=cs,dc=ttu,dc=edu' \
-w *password* -H *server address* -f Documents/user.ldif
user.ldif file is as follows:
dn: cn=*username*,cn=Users,dc=ttu,dc=edu
changetype: modify
replace: displayName
displayName: abc
-
replace: loginShell
loginShell: /bin/tc
-
I get the following error when i try to run it:
ldapmodify: invalid format (line 5) entry: "cn=*username*,cn=Users,dc=ttu,dc=edu"
I checked the "dn" and it is correct. Why am I getting this error then?
回答1:
I have a similar problem. In my case, my dn was correct, but it says "invalid format (line 16) ..." .
This is how I solved this: The error msg can be misleading, because the dn is indeed correct. But line number "(line 5)" is an accurate pointer to the problem. In your case, I think the dash '-' is causing the problem. Try to remove the dashes and it may work!
回答2:
is the cn RDN of the entry?
One can have an entry in directory sn=john, ou=Users .....
sn: john
cn: doe
displayName: johnny
the RDN is an attribute used as reference, in this case dn: cn=doe,....
would be wrong, no matter that the entry has an attribute in specified value. In the example you provided, DN is first line, and error says about 5th line. Assuming you put it in some batch, maybe SOME entry has some special character in it's CN ? And "Users" is usually an "ou" or "dc" or something, even if the container has "cn" attribute with "Users" as one of cn values. Are entries separated by empty newlines? Didn't you put minus sign after last modification of previous entry above, instead of one ( or more ) newline(s) ?
Oh, and when putting ldif with many entries ( changes ), it's wise to try it with "-n". And (actually for some reason I don't remember) I personally prefer to pipe ldif instead of "-f"
cat user.ldif | ldapmodify ...opts...
?
PS. haha :) try to remove "-a", it turns ldapmodify to ldapadd actually :) And add "-x" if you want to use "simple" auth ( with -w password ).
回答3:
It must be the problem of character encoding of dash(-)
I met the same problem before because I edited file on windows and used it on centOS in Virtualbox
Then I made a new file in centos using touch and edited it using vi and it works.
回答4:
I've ran into the same issue. In my case, I had an extra space after the dash (-) character separating the entries.
For example, note the space after the dash on line 5:
$cat -A sample.ldif
dn: uid=noelp,ou=People,dc=example,dc=co,dc=us$
changetype: modify$
replace: employeeType$
employeeType: fulltime$
- $
replace: title$
title: Sr IT Analyst$
-$
replace: employeeNumber$
employeeNumber: 1299$
Same issue can happen with a blank line with a space afer it.
来源:https://stackoverflow.com/questions/10787658/ldif-file-error-invalid-format