Robbie Allen <ra...@ci...> wrote:
> Active Directory's schema cache may be updated by setting the
> operational attribute 'schemaUpdateNow' to 1. This is typically done in
> LDIF files that modify the schema in which a reference needs to be made
> to a class or attribute that was created in the same LDIF file. If the
> schema cache isn't updated, the server may reject the change.
>
> More information is available here:
> http://msdn.microsoft.com/library/psdk/adsi/glschemex_378l.htm
>
> It looks like this in an LDIF file:
>
> dn:
> changetype: modify
> add: schemaUpdateNow
> schemaUpdateNow: 1
> -
That's OK, because I think that your change record is affecting the root
DSE, which has a DN of "".
> Turns out that Net::LDAP::LDIF doesn't like this very much. It expects
> something after the dn. The following change would fix this issue, but
> I was curious if it might break something else. The entry object
> created will not have a distinguishedname attribute, but everything else
> seems to work fine.
A minor quibble: the "dn" line does not indicate an attribute called
distinguishedName, but actually the DN of the entry being modified. (The DN
of an entry is not held in an attribute of the entry.)
> LDIF.pm
> 73c73
> < return unless @ldif > 1 && $ldif[0] =~ s/^dn:(:?) //;
> ---
>> return unless @ldif > 1 && $ldif[0] =~ s/^dn:(:?)( ?)//;
>
> Robbie Allen
>
A slightly better change would be:
return unless @ldif > 1 && $ldif[0] =~ s/^dn:(:?) *//;
because the LDIF ABNF says the dn line is this:
dn-spec = "dn:" (FILL distinguishedName /
":" FILL base64-distinguishedName)
FILL = *SPACE
Cheers,
Chris
|
