Re: What's the best way to replace value of attribute which can handle multiple values?

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Zhang Huangbin wrote:
> What's the best way to 'replace' value of attribute which can handle  
> multiple values?
> 
> Such as:
> 
> dn: uid=myuid,dc=example,dc=com
> cn: cn1
> cn: cn2
> cn: cn3
> 
> My purpose is to get ldif like this (no cn=cn2 any more):
> 
> dn: uid=myuid,dc=example,dc=com
> cn: cn1
> cn: cn3
> cn: cn4
> 
> I want to replace cn=cn2 by cn=cn4 if it exist, or add cn=cn4 directly  
> if 'cn=cn2' donesn't exist.
> 
> If cn=cn2 is not exist, [(ldap.MOD_DELETE, 'cn', 'cn2')] will raise an  
> error.

Could you please post the error raised and mention with which server you're
testing?

I'd try [(ldap.MOD_DELETE, 'cn',['cn2'])]

> If cn=cn2 is not exist, [(ldap.MOD_ADD, 'cn', 'cn4')] will add cn=cn4,  
> but can't delete 'cn=cn2'.

Try this: [(ldap.MOD_ADD, 'cn',['cn4'])]

In general for this to work the server has to have an EQUALITY matching rule
defined for the attribute type in question and implement this matching rule.
This should be the case for 'cn' alias 'commonName' but one never knows for sure.

In web2ldap I have implemented a variant of the function
ldap.modlist.modifyModlist() which looks at the schema to determine use of
EQUALITY matching rule and generate the diff accordingly.

Ciao, Michael.