
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
LDAP Database Management
This is very similar to how we used ldapadd in the previous section. For a complete
explanation of this command’s syntax, see the ldapadd(1) manpage.
If you specified the attributes required by all object classes set in the LDIF file, if
all attributes you specified are supported by those object classes, and if, when
prompted, you provide the correct LDAP bind password, the record will be added
to the database. If any of those conditions is false, however, the action will fail and
ldapadd will tell you what went wrong. Thus, you can use good old trial and error to
craft a workable record format; after all, once you’ve figured this out, you can
use the same format for subsequent records without going through all this
schema-induced zaniness.
I offer one caveat: if your LDIF file contains multiple records, which is permitted,
keep in mind that if your LDAP server detects an error, it will quit parsing the file
and will not attempt to add any records below the one that failed. Therefore, you
should stick to single-record LDIF files for the first couple of user-adds, until you’ve
finalized your record format.
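The two conditions on attributes, and the stop-at-first-error behavior just described, can be checked offline before running ldapadd. The following is an added example, not code from the book: the function names, the abbreviated `SCHEMA` table, and the sample records are all assumptions made for illustration.

```python
# Added example. SCHEMA is an abbreviated subset of standard object class
# definitions (assumption); a real server checks its own loaded schema.
SCHEMA = {
    "top": {"must": {"objectclass"}, "may": set()},
    "person": {"must": {"cn", "sn"},
               "may": {"userpassword", "telephonenumber", "description"}},
}

def parse_ldif(text):
    """Split LDIF text into a list of (dn, {attribute: [values]}) records."""
    records = []
    for block in text.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            if line and line[0] not in "# ":  # skip comments, folded lines
                name, _, value = line.partition(":")
                attrs.setdefault(name.lower(), []).append(value.strip())
        if "dn" in attrs:
            records.append((attrs.pop("dn")[0], attrs))
    return records

def check_record(attrs):
    """Return schema problems for one record; an empty list means it passes."""
    classes = [c.lower() for c in attrs.get("objectclass", [])]
    unknown = sorted(c for c in classes if c not in SCHEMA)
    if unknown:
        return ["unknown object class: " + ", ".join(unknown)]
    must = {"objectclass"}.union(*(SCHEMA[c]["must"] for c in classes))
    allowed = must.union(*(SCHEMA[c]["may"] for c in classes))
    missing, extra = sorted(must - set(attrs)), sorted(set(attrs) - allowed)
    return ([f"missing required: {', '.join(missing)}"] if missing else []) \
        + ([f"not allowed: {', '.join(extra)}"] if extra else [])

def preflight(text):
    """Return (would_add, first_failure, not_attempted); stop at first error."""
    records = parse_ldif(text)
    dns = [dn for dn, _ in records]
    for i, (dn, attrs) in enumerate(records):
        problems = check_record(attrs)
        if problems:
            return dns[:i], (dn, problems), dns[i + 1:]
    return dns, None, []

# Constructed sample: record 2 lacks sn and carries mail, which person forbids.
SAMPLE_LDIF = (
    "dn: cn=Alice Ng,dc=example,dc=com\nobjectClass: person\ncn: Alice Ng\nsn: Ng\n\n"
    "dn: cn=Bob Roe,dc=example,dc=com\nobjectClass: person\ncn: Bob Roe\nmail: bob@example.com\n\n"
    "dn: cn=Carol Wu,dc=example,dc=com\nobjectClass: person\ncn: Carol Wu\nsn: Wu\n"
)
```

Calling `preflight(SAMPLE_LDIF)` shows which record would fail and which valid records after it would never be attempted.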
That’s the manual record-creation method: it’s a little clunky, but it easily
accommodates tinkering, which is especially useful in the early