1

I want to do (what I thought) would be quite a simple thing. I have an LDAP entry that looks like this(in LDIF format):

dn: cn=myorg,ou=teams,ou=groups,o=company,c=us
cn: myorg
objectClass: top
objectClass: CompanyTeams
objectClass: groupOfUniqueNames
owner: cn=john,ou=people,o=company,c=us
uniqueMember: cn=bob,ou=people,o=company,c=us
uniqueMember: cn=bill,ou=people,o=company,c=us
uniqueMember: cn=carol,ou=people,o=company,c=us
uniqueMember: cn=frank,ou=people,o=company,c=us
uniqueMember: cn=alice,ou=people,o=company,c=us

In my code, I have all these entries represented as dicts. I'm using Python's LDIF writer to write these entries out to proper LDIF. Exporting the whole thing is easy:

def dump_ldif(self):
    writer = LDIFWriter(open('entrybackup.ldif', 'wb'))
       writer.unparse(cn=myorg, self.all_the_teams.get_teamstr_by_name('{'objectClass': ['top', 'CompanyTeams', 'groupOfUniqueNames']'owner': ['cn=john,ou=people,o=company,c=us'], 'uniqueMember': ['uniqueMember: cn=bob,ou=people,o=company,c=us','uniqueMember: cn=bill,ou=people,o=company,c=us','uniqueMember: cn=carol,ou=people,o=company,c=us','uniqueMember: cn=frank,ou=people,o=company,c=us','uniqueMember: cn=alice,ou=people,o=company,c=us'], 'cn': ['myorg']}')

But how do you have LDIF output that uses delete/modify operators? I have a list of uniqueMember that I want to go away:

['cn=bob,ou=people,o=company,c=us', 'cn=bill,ou=people,o=company,c=us']

And (I believe) this is the end goal in LDIF format, pulling from my list:

dn: cn=myorg,ou=teams,ou=groups,o=company,c=us
changetype: modify
delete: uniqueMember
uniqueMember: cn=bob,ou=people,o=company,c=us
uniqueMember: cn=bill,ou=people,o=company,c=us

Is there not some simple way to do this with Python(2.7)? Starting to feel crazy. Note: I could just do the text output/manipulation, but I want to stick with LDIFWriter to write this output. I just want find the syntax to output 'delete' LDIF directives.

Chloe
  • 13
  • 4

1 Answers1

0

I am not the greatest Python expert but LDAP is my piece of cake.

The entry you are passing to the writer is simply a data object with values, and the Python LDIFWriter is actually a straightforward class which converts its syntax to LDIF.

What I think you should do is, convert your entry to a modification and then pass it onto the LDIFWriter, something like this: 

entry={ 'changetype' : ['modify'],
             'delete': ['uniqueMember'],
       'uniqueMember': ['cn=bob,ou=people,o=company,c=us','cn=bill,ou=people,o=company,c=us'],
      }
writer.unparse('cn=myorg', entry)

EDIT

If you have an array with deleted users called deletes you can pass it into the entry like this: 

'uniqueMember': deletes

Seems to work :-)

mvreijn
  • 2,807
  • 28
  • 40