|
|
|
|
Bookmark this on Delicious
Share on Facebook
 Slashdot It!
Digg  ldap_rename
Modify the name of an entry
(PHP 4 >= 4.0.5, PHP 5)
Code Examples / Notes » ldap_renamealex
Works also with eDirectory 8 (NW6). If you are moving a user, remember that you also change the uid! cory
When setting a new Rdn value be sure to escape any commas that are not path designators. I spent several hours trying to move user nodes in AD since their cn was set wrong. We wanted the cn to be set to: lastname, firstname. <?php //In this example we are renaming a node with cn of "jsmith" to "Smith, John" /* Setting some variables to values for display purposes. In a real script the values would probably come from some outside source (file, ldap query, etc...) */ $dn = 'cn=jsmith,ou=mygroup,dc=mydomain'; $name = "Smith, John"; // Now replace those pesky commas $newRdn = "cn=" . str_replace(",", "\\,", $name); ldap_rename($link, $dn, $newRdn, $newParent, true); ?> 04-apr-2002 12:10
To get this function working make sure that the value for $newrdn is relative.
backports
Though clearly mentioned, the following had me in spin for a good 10 minutes. Ensure: if (!ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3)) { // do something horrible } has been set _before_ you actually bind :) viper_sb
Since this function isn't documented to well I thought I'd help out those trying to get this to work. <?php // $dn is the full DN of the entry you wish to move $dn = 'cn=user1,ou=group1,dc=mydomain'; /* note that $newRdn IS NOT a full DN, it is only the start I've NOT gotten it to change attributes for the RDN but that could just be my schema */ $newRdn = 'cn=user2'; // $newparent IS the full DN to the NEW parent DN that you want to move/rename to $newParent = 'ou=group2,dc=mydomain'; ldap_rename($link, $dn, $newRdn, $newParent, true); ?> Like I said above I haven't been able to get it to rename to a DIFFERENT attribute so deleteoldrdn has no affect on it. richard esplin
ldap_rename can only move leaf nodes of the directory tree. If your ldap entry has any child entries, then ldap_rename is not the tool that you need. We needed to change usernames, but that alters the dn. ldap_rename wouldn't work because each of our user ldap entries has a couple associated child entries. We had to write a function to recursively copy the subtree to the new location, and then delete the original version. Here is the basic algorithm: function recursive_move($old_username, $new_username) ldap_search on the old username to get the correct entry ldap_get_attributes to get an array of values from the ldap entry foreach attribute in array, replace occurences of $old_username with $new_username ldap_add the attribute array into the new location ldap_modify any additional attributes ldap_list each child entry call function recursive_move on each child ldap_delete current entry return venakis
If you are using Sun Directory Server 5.2, please note that you can't use ldap_rename to move an entry. According to Sun's own documentation: "[...] At this point in time, Directory Server does not support the ability to use the modify DN operation to move an entry from one location in the directory tree to another location." (http://docs.sun.com/source/817-6707/resultcodes.html) The problem is that php does not return any error and the operation seems to complete succesfully, except for the fact that nothing really happens. If you check the server logs, there will be an "error 53" entry (server is unwilling to perform). hope this saves someone's couple of hours nasty searching... hyc
Contrary to Richard Esplin's statement, this *is* the correct function to use for renaming subtrees and moving entries from one place in the tree to another. Just that most LDAP server implementations don't support moving non-leaf entries. E.g. In OpenLDAP, moving a non-leaf entry is only supported when using the back-hdb database backend. SunOne only has one database backend, and it apparently doesn't handle this type of operation. |
Change Language
ldap_8859_to_t61 ldap_add ldap_bind ldap_close ldap_compare ldap_connect ldap_count_entries ldap_delete ldap_dn2ufn ldap_err2str ldap_errno ldap_error ldap_explode_dn ldap_first_attribute ldap_first_entry ldap_first_reference ldap_free_result ldap_get_attributes ldap_get_dn ldap_get_entries ldap_get_option ldap_get_values_len ldap_get_values ldap_list ldap_mod_add ldap_mod_del ldap_mod_replace ldap_modify ldap_next_attribute ldap_next_entry ldap_next_reference ldap_parse_reference ldap_parse_result ldap_read ldap_rename ldap_sasl_bind ldap_search ldap_set_option ldap_set_rebind_proc ldap_sort ldap_start_tls ldap_t61_to_8859 ldap_unbind |
