如何使用LDIF删除LDAP中的一个属性?我试图删除uniqueMember: cn=jsmith,ou=users,dc=s2rsolutions,dc=com有人可以告诉我LDIF这样做吗?
dn: cn=USER,ou=groups,dc=s2rsolutions,dc=com
objectClass: groupOfUniqueNames
cn: USER
uniqueMember: cn=jsmith,ou=users,dc=s2rsolutions,dc=com
uniqueMember: cn=guest,ou=users,dc=s2rsolutions,dc=com
uniqueMember: cn=admin,ou=users,dc=s2rsolutions,dc=com
uniqueMember: cn=ford,ou=users,dc=s2rsolutions,dc=com
问题描述:
\nAttributeError: module 'base64' has no attribute 'decodestring'在 python 3.9.6 上运行时出现错误
重现步骤:
\n下面是一个虚拟程序,在 python 3.9.6 上运行时,我收到 `AttributeError: module 'base64' has no attribute 'decodestring'`` 错误:
\nfrom ldif3 import LDIFParser\n\nparser = LDIFParser(open('dse3.ldif', 'rb'))\nfor dn, entry in parser.parse():\n if dn == "cn=Schema Compatibility,cn=plugins,cn=config":\n if entry['nsslapd-pluginEnabled'] == ['on']:\n print('Entry record: %s' % dn)\n错误信息:
\npython3.9 1.py \xee\x82\xb2 \xe2\x9c\x94 \xee\x82\xb3 \xef\x80\x93 \xee\x82\xb2 venvpy3.9 \xee\x9c\xbc \xee\x82\xb2 11:12:01 \xef\x80\x97\nTraceback (most recent call last):\n File "/Users/rasrivas/local_test/1.py", line 4, in <module>\n for …我有一个由一组测试用户组成的LDIF文件,我想更改这些用户的密码.
我使用了ldapmodify命令:
ldapmodify -c -a -f filename.ldif -h localhost -p <port> -D dn -w <pwd> << !
dn: uid=<userid>,dc=<branch>,DC=COM
changetype: modify
replace: userPassword
userPassword: <new pwd>
!
我收到以下错误:
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
我正在使用ActiveDirectoryLdapAuthenticationProvider带有Spring Boot 的Spring Security (基于注释的配置)来使用Active Directory进行身份验证并生成令牌.一切正常.
我希望添加一些模拟整个过程的集成测试,我想可能会使用Spring嵌入式LDAP服务器.
我在网上找到的另一个例子中添加了这个ldif文件.
#Actual test data
dn: dc=test,dc=com
objectclass: top
objectclass: domain
objectclass: extensibleObject
dc: local
# Organizational Units
dn: ou=groups,dc=test,dc=com
objectclass: top
objectclass: organizationalUnit
ou: groups
dn: ou=people,dc=test,dc=com
objectclass: top
objectclass: organizationalUnit
ou: people
# Create People
dn: uid=testuser,ou=people,dc=test,dc=com
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
cn: Test
sn: User
uid: testuser
password: secret
# Create Groups
dn: cn=developers,ou=groups,dc=test,dc=com
objectclass: top
objectclass: groupOfUniqueNames
cn: developers
ou: developer
uniqueMember: uid=testuser,ou=people,dc=test,dc=com
dn: cn=managers,ou=groups,dc=test,dc=com …active-directory spring-security ldif spring-security-ldap spring-boot
我正在尝试通过LDIF文件应用配置.我在LDAP服务器上以管理员身份绑定,我收到以下错误消息:
LDAP:错误50 - 访问权限不足
我作为管理员绑定,我能够执行任何查询或任何更改,如创建新条目,修改现有条目等.
我不知道还有什么可做的,因为我已经作为管理员绑定了.此外,我甚至构建了一个全新的LDAP服务器来测试它,我也无法应用任何LDIF文件.
我正在使用Apache Directory Studio LDIF编辑器工具来推送LDIF文件,如下所示:
dn: olcDatabase={1}hdb,cn=config
changetype: modify
add: olcAccess
olcAccess: {0}to attrs=userPassword,shadowLastChange
by cn=replicator,ou=Users,dc=example,dc=com write
-
add: olcDbIndex
olcDbIndex: entryUUID eq
-
add: olcDbIndex
olcDbIndex: entryCSN eq
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: {1}syncprov
dn: olcOverlay=syncprov,olcDatabase={1}hdb,cn=config
changetype: add
objectClass: olcOverlayConfig
objectClass: olcSyncProvConfig
olcOverlay: {0}syncprov
olcSpCheckpoint: 100 10
olcSpSessionlog: 100
有人可以帮我解决这个问题吗?到目前为止,我已阅读了大量文章,但没有成功.
我正在调查各种LDAP操作的脚本.但是,我在Active Directory用户创建方面遇到了一些速度提升.
通过以下ldapmodify命令加载时,以下LDIF失败:
dn: CN=Frank,CN=Users,DC=domain,dc=local
changeType: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Frank
userPrincipalName: frank@domain.local
sAMAccountName: frank
givenName: Frank
sn: Stein
displayName: Frank Stein
description: Frankenstein's User
userAccountControl: 512
unicodePwd: "AnExamplePassword1!"
尝试通过LDIF添加用户时,我使用以下命令:
ldapmodify -H 'ldaps://<ip-of-server>:636' -D 'DOMAIN\Administrator' -x -W -f frank-add.ldif
此操作失败,并显示以下错误:
ldap_add: Server is unwilling to perform (53)
additional info: 0000001F: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0
这是拒绝用户的密码策略的问题.
但是,以下Python脚本有效:
#!/usr/bin/python
import ldap
import ldap.modlist as modlist
AD_LDAP_URL='ldaps://<ip-of-server>:636'
ADMIN_USER='DOMAIN\Administrator'
# User must be …我在Apache Directory Studio中创建了一个服务器.我还创建了一个分区,并将一些条目插入到Java服务器中.现在我想以编程方式备份和恢复此数据和LDIF文件.我是LDAP新手.所以请告诉我一个详细的方法,使用java从我的服务器以编程方式导入和导入条目到LDIF.
现在我使用这种方法进行备份:
EntryCursor cursor = connection.search(new Dn("o=partition"), "(ObjectClass=*)", SearchScope.SUBTREE, "*", "+");
Charset charset = Charset.forName("UTF-8");
Path filePath = Paths.get("src/main/resources", "backup.ldif");
BufferedWriter writer = Files.newBufferedWriter(filePath, charset);
String st = "";
while (cursor.next()) {
Entry entry = cursor.get();
String ss = LdifUtils.convertToLdif(entry);
st += ss + "\n";
}
writer.write(st);
writer.close();
为了恢复,我使用这个:
InputStream is = new FileInputStream(filepath);
LdifReader entries = new LdifReader(is);
for (LdifEntry ldifEntry : entries) {
Entry entry = ldifEntry.getEntry();
AddRequest addRequest = new AddRequestImpl();
addRequest.setEntry(entry);
addRequest.addControl(new ManageDsaITImpl()); …How to validate an LDIF?
Similar to XML, XMLSchema and Schematron are there any libraries to validate an LDIF with an LDAP schema?
我的ldif文件中有一些条目使得我的转储对下一次导入不利.
sambaPasswordHistory: 712BC301C488FD2651BEF5AA11899950547B9ED3C059FF83CE39049B
BAEECB31692629A94A3C1F4737E3EA854C001704793DB9A67EB977563CE601DF98E7E23C2851F
082D3D695C8655378629DCCDAF125ACA63141B361190ABC750AF403FDEF000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000
homeDirectory: /home_nfs/
如何使用sed/awk/etc将其更改为
sambaPasswordHistory: 712BC301C488FD2651BEF5AA11899950547B9ED3C059FF83CE39049BBAEECB31692629A94A3C1F4737E3EA854C001704793DB9A67EB977563CE601DF98E7E23C2851F082D3D695C8655378629DCCDAF125ACA63141B361190ABC750AF403FDEF000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
homeDirectory: /home_nfs/
阿卡让一切都在一条线上
我从LDAP服务器导出了以下ldif文件,现在我正在尝试导入它,以便我可以复制我从中导出的目录:
dn: cn=MYCOMPANY Users,dc=mycompany,dc=com
changetype: add
objectClass: posixGroup
objectClass: top
cn: MYCOMPANY Users
gidNumber: 1001
dn: cn=jim smith,cn=MYCOMPANY Users,dc=mycompany,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
givenName: jim
cn: jim smith
sn: smith
gidNumber: 1000
homeDirectory: /home/users/arolls
uid: jsmith
uidNumber: 1038
userPassword: {MD5}X03MO1qnZdYdgyfeuILPmQ==
dn: cn=dave jones,cn=MYCOMPANY Users,dc=mycompany,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
givenName: dave
userPassword: {MD5}FhCDh0PMkOPk/dp0goLZuA==
loginShell: /bin/sh
cn: dave jones
sn: dave
gidNumber: 1000
homeDirectory: /home/users/dave
uid: dave
uidNumber: 1006
我正在尝试使用它导入它
LDIFReader r = new LDIFReader(resourceAsStream);
LDIFChangeRecord readEntry = …ldif ×10
ldap ×8
java ×2
apacheds ×1
awk ×1
openldap ×1
python ×1
python-3.x ×1
schema ×1
sed ×1
spring-boot ×1
validation ×1