On 06/26/2014 07:50 AM, Audun Røe wrote:
Hello,
I'm trying to delete some problematic entries from our 389 directory. The entry DNs contain < and > (probably found their way into the directory years ago). This causes problems with JNDI where DNs from search results are fed directly back into more searches because these particular DNs are somehow returned in in escaped form. E.g. ou=my<problematic>entry,dc=example,dc=com becomes ou=my\<problematic\>entry,dc=example,dc=com, causing error 32. I'm not sure if it's the directory server or JNDI adding the escaping, as ldapsearch from the command line doesn't seem to behave this way, but it doesn't really matter: I want to remove the entries and get rid of the issue. Unfortunately, I'm unable to:
$ ldapdelete -D "cn=directory manager" -WxH "ldap://example.com:389" "ou=my<problematic>entry,dc=example,dc=com"Enter LDAP Password:ldap_delete: Invalid DN syntax (34)additional info: DN value invalid per syntax
I've also tried deleting through Apache Directory Studio, error 34 there as well.
So, any ideas on how to get rid of them? The only thing I can think of is to db2ldif the entire directory, manually excise the entries from the LDIF file and then re-import. But I'd rather not take this step unless there's no other way.
You could try disabling syntax checking - nsslapd-syntaxcheck
-Audun
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
No comments:
Post a Comment