Problems importing from LDIF file generated with python-ldap

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi.

I am sorry if this is a stupid question. I have pretty basic knowledge
of both LDAP and python, and am having trouble with some scripts for
creating LDAP records, written by my predecessor.

This script worked fine from an Ubuntu 7.10 client environment before
the summer, but now, after actually upgrading to Ubuntu 8.04, the
script yields an error message when adding the user to groups, using
the modify changetype operator. The offending statement looks like
this:

#########
dn: cn=audio,ou=Group,dc=ourdc,dc=no
changetype: modify
memberUid: newuser
#########

The errormessage from ldapmodify:

#########
larsekol@skarphedin:~$ /usr/bin/ldapmodify -ZZ -h ldap.server -D
"cn=Manager,dc=ourdc,dc=no" -w passwrrd -x -a -f ./newaccounts.ldif

adding new entry "uid=newuser,ou=people,dc=ourdc,dc=no"

adding new entry "cn=newuser,ou=Group,dc=ourdc,dc=no"

ldapmodify: modify operation type is missing at line 26, entry
"cn=audio,ou=Group,dc=ourdc,dc=no"

larsekol@skarphedin:~$
#########

When I look in the LDAP docs, this looks reasonable, as it states that
you ned an "add: memberUid" statement with the changetype: modify. But
how come it worked before? And when I try to incorporate this into the
LDIF generator script, which uses python-ldap, it just won't work. The
relevant code looked like this:

#########
      # add the new user to a set of default groups:
      # audio, cdrom, floppy, plugdev, video

      entry={ 'changetype' : ['modify'],
	      'memberUid': [username],
      }
      dn='cn=audio,ou=Group,dc=ourdc,dc=no'
      ldif_writer=ldif.LDIFWriter(newusers)
      ldif_writer.unparse(dn,entry)
#########

I thought I could add another element to the dict, "'add':
['memberUid']", but that's probably a naiive assumption, and wishful
thinking. When I add it between the changetype and memberuid elements,
it will appear in the top of the LDIF statement, which won't work:

My "improvement":
#########
      # add the new user to a set of default groups:
      # audio, cdrom, floppy, plugdev, video

      entry={ 'changetype' : ['modify'],
              'add': ['memberUid'],
	      'memberUid': [username],
      }
      dn='cn=audio,ou=Group,dc=ourdc,dc=no'
      ldif_writer=ldif.LDIFWriter(newusers)
      ldif_writer.unparse(dn,entry)
#########

Result:
########
dn: cn=audio,ou=Group,dc=ourdc,dc=no
add: memberUid
changetype: modify
memberUid: newuser
########

Here the add and changetype statements should be the other way
(changetype first, add afterwards), if I understand the docs right. If
I do that manually in the LDIF file, ldapmodify will add the user to
the audio group with no complaints. But I haven't been able to do that
thru the python-ldap libraries.

Could someone please point me to where I've totally misunderstood
here, or how I could make this right with python-ldap (adding the user
to audio group)?

Thanks from a noob.

Lars Erik
Lars Erik