2.3 Modify Entries and Attributes - rukichen/GrailsGroovyLDAP GitHub Wiki
2.3.1 Operations for Modification on the attributes
2.3.2 Simple Rename and Move
2.3.3 Advanced Move and Rename with ModifyDn
Code for this part found in Third Groovy
There are three different operations:
| Enum Constant | Description |
|---|---|
| ADD_ATTRIBUTE | Added attribute value |
| REMOVE_ATTRIBUTE | Removed attribute value |
| REPLACE_ATTRIBUTE | Replaced attribute value |
To use these you give a variable the DefaultModification with the ModificationOperation of you choice with a name of the attribute and the values. You can save a lot of different operations in different variables and add them add once. Applying the changes are made through connection.modify and the address directory which you want to change.
add a new Attribute
def addedGivenName = new DefaultModification(ModificationOperation.ADD_ATTRIBUTE,
"givenName", "Oskar", "Hermann")
def addedUid = new DefaultModification(ModificationOperation.ADD_ATTRIBUTE,
"uid", "owild")
connection.modify("cn=Oskar Wild,ou=Users,dc=example,dc=com", addedGivenName,
addedUid)delete a attribute
def deletedName = new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE,
"givenName")
connection.modify("cn=Oskar Wild,ou=Users,dc=example,dc=com", deletedName)remove the value of an attribute
def removeValue = new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE,
"givenName", "Hermann")
connection.modify("cn=Oskar Wild,ou=Users,dc=example,dc=com", removeValue)Replace the value of a attribute
def replaceGn = new DefaultModification(ModificationOperation.REPLACE_ATTRIBUTE,
"sn", "Wild")Another potential error occurs when adding an attribute type that isn't allowed on that entry. This occurs because the Entry's ObjectClass does not allow such an attribute (per the schema), or because the server forbids modification of that entry, due to the ACIs applied on this entry.
- never inject more than one value in a SINGLE_VALUE attribute
- never remove a value which is used by the RDN
- never delete all the values of a mandatory attribute
- always have the right to modify the entry
- never try to update a non-existent entry
With rename is meant, we change the the part of the DN which identifies the entry. Changing the DN is a change in the schema. There is a simple way and a more advanced way. For the simple way you define your old Dn and your new Dn. Keep in mind the new Dn should have the correct path to your entry. We can make both operations in one as well. So move and rename at the same time. YOu can make live easier. Define the new entryDn exactly the way it should look like after the changes were made. You can get all the information through getRdn() for the new name. With move() , rename() and moveAndRename() you can to everything.
// move
def entryMoveDN = new Dn("cn=Oskar Wild,ou=Users,dc=example,dc=com")
def newMoveEntryDn = new Dn("cn=Mark Twain,ou=Users,dc=example,dc=com")
def moveResponse = connection.move(entryMoveDN, newMoveEntryDn)
//rename
def entryRenameDN = new Dn("cn=Oskar Wilder,cn=Mark Twain,ou=Users,
dc=example,dc=com")
def newEntryRenameDN = new Dn("cn=Oskar Wild,cn=Mark Twain,ou=Users,
dc=example,dc=com")
def renameResponse = connection.rename(entryRenameDN, newEntryRenameDN.getRdn())
// move and rename
def oldDN = new Dn("cn=Samuel Langhorne Clemens,cn=Mark Twain,ou=Users,
dc=example,dc=com")
def newDN = new Dn("cn=Samuel Clemens,ou=Users,dc=example,dc=com")
def renMovResponse = connection.moveAndRename(oldDN, newDN)With the simple modify() request we won't be able to manage this. Instead Apache gives us the modifyDn() operation. modifyDn() wants an input of a ModifyDnRequest. To implement it, we make a new instance of ModifyDnRequestImpl. We set the Dn setName of the entry we want to change. Give it the new referral Dn (Here cn ) with setNewRdn and set setDeleteOldRdn on true , if you want to delete the old Dn.
Rename
def entryDn = new Dn("cn=Oskar Wild,cn=Mark Twain,ou=Users,dc=example,dc=com")
def newDn = new Dn("cn=Oskar Wilder,cn=Mark Twain,ou=Users,dc=example,dc=com")
def modDnRequest = new ModifyDnRequestImpl()
modDnRequest.setName(entryDn)
modDnRequest.setNewRdn(newDn.getRdn())
modDnRequest.setDeleteOldRdn(true)
def modifyDnResponse = connection.modifyDn(modDnRequest)
if(ResultCodeEnum.SUCCESS == modifyDnResponse.getLdapResult().getResultCode()){
println "Wild got Wilder"
}Moving
Moving an entry works very similar to rename. This time we have to define a Dn for the location, to which the new entry is moved. In our example Samuel was saved under Mark Twain. We want him to move up to be an own user.
def entryDN = new Dn("cn=Samuel Clemens,ou=Users,dc=example,dc=com")
def newEntryDn = new Dn("cn=Mark Twain,ou=Users,dc=example,dc=com")
def movDnRequest = new ModifyDnRequestImpl()
movDnRequest.setName(entryDN)
movDnRequest.setNewSuperior(newEntryDn)
movDnRequest.setNewRdn(entryDN.getRdn())
def moveDnResponse= connection.modifyDn(movDnRequest)
if(ResultCodeEnum.SUCCESS == moveDnResponse.getLdapResult().getResultCode()){
println "Samuel moved down"
}Move and Rename in one operation
def oldEntryDN = new Dn("cn=Oskar Wilder,cn=Mark Twain,ou=Users,
dc=example,dc=com")
def newEntryDN = new Dn("cn=Oskar Wild,ou=Users,dc=example,dc=com")
def movAndRenameDnRequest = new ModifyDnRequestImpl()
movAndRenameDnRequest.setName(oldEntryDN)
movAndRenameDnRequest.setNewRdn(newEntryDN.getRdn())
movAndRenameDnRequest.setNewSuperior(newEntryDN.getParent())
movAndRenameDnRequest.setDeleteOldRdn(true)
def moveAndRenameDnResponse = connection.modifyDn(movAndRenameDnRequest)
if (ResultCodeEnum.SUCCESS ==
moveAndRenameDnResponse.getLdapResult().getResultCode()){
println "Oskar went up and changed back to Wild"
}| <<< Back 2.2 Add Delete entries |