changing Net::LDAP::Entry changes

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

The situation: we're populating MS Active Directory from a UNIX box
using LDAPS.  Our strategy is:

(1) Read changes from an LDIF-formatted file using Net::LDAP::LDIF's
    read_cmd() method
(2) Tweak the changes to make them work with Active Directory
(3) Send the changes to AD using Net::LDAP::Entry's update() method

(1) and (3) work beautifully.  (2) has become the stumbling block,
specifically for "modify" requests.

Active Directory is particular about the format of the unicodePwd
attribute.  So I'm taking the value from the LDIF file and converting
it to the format that AD wants, then using Net::LDAP::Entry::replace()
to ditch the old value and plug in the new one.  Unfortunately, this
results in the internal "changes" array having *two* replace
operations: the original replace operation read in from the LDIF file, 
and the new one I put in there.  AD barfs on the first one as
expected.

What I really want to do is "change the changes", not add a new change 
to the list of changes.  My temporary workaround will likely be to
muck with the "changes" array directly.  But I'm open to better
solutions.  I see there is an (undocumented?) "changes" method that
returns the contents of the changes array.  Perhaps if it returned a
reference to the array I could muck with it without depending on the
internal representation of the Entry object.

%%  Christopher A. Bongaarts  %%  ca...@tc...       %%
%%  Internet Services         %%  http://umn.edu/~cab  %%
%%  University of Minnesota   %%  +1 (612) 625-1809    %%