0

How can we filter when applying ldapmodify?

For eg: this is how my user object looks like:

dn: mail=abc@d.com,ou=users,dc=dev,dc=com sn: po givenName: abc pin: 1234 mail: abc@d.com telephoneNumber: 11234567890 enabled: FALSE city: city cn: abc@d.com o: org

I want to modify this user's city if his org is org. How can I apply such a filter?

I am doing it using ldap3, do I need to use controls?

inquisitive
  • 3,738
  • 6
  • 30
  • 56

1 Answers1

1

You need to send the Assertion Control along with your modify operation (see RFC 4528). Basically the control contains a filter which has to be matched.

I'm using this control in my web2ldap to prevent concurrent writes to do anything bad.

I have some doubts that ldap3 module supports it out-of-the-box though.

Further notes:

  • Not all LDAP servers support this control.
  • There are subtle bugs in LDAP server implementations supporting this control.
Community
  • 1
  • 1
Michael Ströder
  • 1,248
  • 8
  • 12