I wrote a script to automate using ldapdelete
Hi everybody
I read the archives and I discovered that you can use ldapdelete to:
- delete only the last leaves of the directory tree
- run it multiple times with the -c parameter (continue on error), until all levels of the directory tree are deleted
So I wrote a short shell script, "anteldapdelete.sh", that reverses the order of the LDIF file created by ldapsearch and generates an LDIF file (usable later while running ldapdelete one time only).
I discovered that:
- ldapsearch creates files with a maximum column size and continues on the next line, leaving a blank as the first char
- ldapadd accepts files in the form:
"dn: ou=myou, dc=mydomain, dc=c
 om" (note that this line has a blank as first char)
while ldapdelete accepts a file without "dn: " and only on a single line, that is:
"ou=myou, dc=mydomain, dc=com"
I assume those are expected behaviours of ldapsearch, ldapadd, ldapdelete, aren't they?
In case anyone is interested, attached are the 6 steps which I use my script (which might be greatly improved) for, on a Sun box.
Regards
Oscar
############################
1)
>ldapsearch -b 'ou=organiunity,o=domain.ch' -s sub '(objectclass=*)' namingContexts > ./dn.ldif
2)
>cat ./dn.ldif
# extended LDIF
#
# LDAPv3
# base <ou=organiunity,o=domain.ch> with scope sub
# filter: (objectclass=*)
# requesting: namingContexts
#
# organiunity, domain.ch
dn: ou=organiunity,o=domain.ch
# ctscApplicationDataRepository, organiunity, domain.ch
dn: ou=ctscApplicationDataRepository,ou=organiunity,o=domain.ch
# ctscPolicyRepository, organiunity, domain.ch
dn: ou=ctscPolicyRepository,ou=organiunity,o=domain.ch
# ctscAdminRepository, organiunity, domain.ch
dn: ou=ctscAdminRepository,ou=organiunity,o=domain.ch
# PolicySequence, ctscApplicationDataRepository, organiunity, domain.ch
dn: cn=PolicySequence,ou=ctscApplicationDataRepository,ou=organiunity,o=domain
 .ch
# ApplicationDataSequence, ctscApplicationDataRepository, organiunity, domain
 .ch
dn: cn=ApplicationDataSequence,ou=ctscApplicationDataRepository,ou=organiunity
 ,o=domain.ch
# AdminSequence, ctscApplicationDataRepository, organiunity, domain.ch
dn: cn=AdminSequence,ou=ctscApplicationDataRepository,ou=organiunity,o=domain.
 ch
# ExtendedAttributeOID, ctscApplicationDataRepository, organiunity, domain.ch
dn: cn=ExtendedAttributeOID,ou=ctscApplicationDataRepository,ou=organiunity,o=
 domain.ch
# Default Password Policy, ctscPolicyRepository, organiunity, domain.ch
dn: cn=Default Password Policy,ou=ctscPolicyRepository,ou=organiunity,o=domain
 .ch
# Default Administrative Group, ctscAdminRepository, organiunity, domain.ch
dn: cn=Default Administrative Group,ou=ctscAdminRepository,ou=organiunity,o=do
 main.ch
# Default Administrative Role, ctscAdminRepository, organiunity, domain.ch
dn: cn=Default Administrative Role,ou=ctscAdminRepository,ou=organiunity,o=dom
 ain.ch
# Default Administrative User, ctscAdminRepository, organiunity, domain.ch
dn: cn=Default Administrative User,ou=ctscAdminRepository,ou=organiunity,o=dom
 ain.ch
# LibertyDataSequence, ctscApplicationDataRepository, organiunity, domain.ch
dn: cn=LibertyDataSequence,ou=ctscApplicationDataRepository,ou=organiunity,o=d
 omain.ch
# search result
search: 2
result: 0 Success
# numResponses: 14
# numEntries: 13
3)
> ./antedelete.sh ./dn.ldif
4)
>cat ./antedelete.sh
#!/bin/sh
#
# process an LDIF file created by OpenLDAP (dn only) so that the file can
# be used by the ldapdelete command (to delete everything in the right
# order)
#
# input parameter: LDIF file to be processed
#
# output: five LDIF files (from .0 to .4)
# one for each step of the process (inside working directory)
#
i=$1
# delete the "# search result" line and the three lines after it
cat - << E_O_F | ed -s ${i}
g/^# search result$/.,.+3d
w ${i}.0
q
E_O_F
# every line starting with " " has the " " removed and is joined with
# the previous line
cat - << E_O_F | ed -s ${i}.0
g/^ .*/s/^ //\\
-,.j
w ${i}.1
q
E_O_F
# delete all lines starting with a sharp (#)
cat - << E_O_F | ed -s ${i}.1
g/^#/d
w ${i}.2
q
E_O_F
# move every line on top of the file (to reverse order of lines)
cat - << E_O_F | ed -s ${i}.2
g/^/m0
w ${i}.3
q
E_O_F
# remove "dn: " at the beginning of each line
cat - << E_O_F | ed -s ${i}.3
g/^dn: .*/s/^dn: //
w ${i}.4
q
E_O_F
5)
>cat ./dn.ldif.4
cn=LibertyDataSequence,ou=ctscApplicationDataRepository,ou=organiunity,o=domain.ch
cn=Default Administrative User,ou=ctscAdminRepository,ou=organiunity,o=domain.ch
cn=Default Administrative Role,ou=ctscAdminRepository,ou=organiunity,o=domain.ch
cn=Default Administrative Group,ou=ctscAdminRepository,ou=organiunity,o=domain.ch
cn=Default Password Policy,ou=ctscPolicyRepository,ou=organiunity,o=domain.ch
cn=ExtendedAttributeOID,ou=ctscApplicationDataRepository,ou=organiunity,o=domain.ch
cn=AdminSequence,ou=ctscApplicationDataRepository,ou=organiunity,o=domain.ch
cn=ApplicationDataSequence,ou=ctscApplicationDataRepository,ou=organiunity,o=domain.ch
cn=PolicySequence,ou=ctscApplicationDataRepository,ou=organiunity,o=domain.ch
ou=ctscAdminRepository,ou=organiunity,o=domain.ch
ou=ctscPolicyRepository,ou=organiunity,o=domain.ch
ou=ctscApplicationDataRepository,ou=organiunity,o=domain.ch
ou=organiunity,o=domain.ch
6)
>ldapdelete -x -D ........ -w ........ -f dn.ldif.4
##########################################
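
An added example, not part of the original post or of OpenLDAP: the same LDIF-to-delete-list conversion as one awk pass. It goes a step beyond the script above by ordering DNs by depth (number of RDNs) instead of reversing the search output, so children come first whatever order the server returned them in, and by not counting escaped commas as RDN separators. The names ldif_to_delete_list and sample_ldif are hypothetical and the sample entries are constructed.

```shell
#!/bin/sh
# Added example, not the poster's script. ldif_to_delete_list and sample_ldif
# are hypothetical names; the sample entries below are constructed.
ldif_to_delete_list() {
    tab=$(printf '\t')
    awk '
        # Count RDNs: commas separate them unless escaped with a backslash.
        function rdn_count(dn,   i, c, n) {
            n = 1
            for (i = 1; i <= length(dn); i++) {
                c = substr(dn, i, 1)
                if (c == "\\") i++            # skip the escaped character
                else if (c == ",") n++
            }
            return n
        }
        function emit(line,   dn) {
            if (line ~ /^dn::/) {             # base64 DN: report it on stderr
                print "skipped: " line | "cat 1>&2"
                return
            }
            if (line !~ /^dn:/) return        # comments, search trailer, blanks
            dn = line
            sub(/^dn: */, "", dn)
            printf "%d\t%s\n", rdn_count(dn), dn
        }
        # A leading space marks a folded line: append it to the previous one.
        /^ / { buf = buf substr($0, 2); next }
             { emit(buf); buf = $0 }
        END  { emit(buf) }
    ' | LC_ALL=C sort -t "$tab" -k1,1nr | cut -f2-
}

# Constructed sample in ldapsearch style: parent first, one folded DN,
# one escaped comma, one base64 DN.
sample_ldif() {
cat <<'EOF'
dn: ou=organiunity,o=domain.ch
dn: cn=Default Administrative User,ou=ctscAdminRepository,ou=organiunity,o=dom
 ain.ch
dn: cn=Doe\, Jane,ou=ctscAdminRepository,ou=organiunity,o=domain.ch
dn:: b3U9dGVzdA==
dn: ou=ctscAdminRepository,ou=organiunity,o=domain.ch
# search result
search: 2
EOF
}

sample_ldif | ldif_to_delete_list
```

Redirect the output to a file and review it before passing it to ldapdelete -f as in step 6.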