How do I modify the value of an attribute with OpenLDAP?

Solution 1

ldapmodify is your friend.

Create a "modify" ldif file.

Ex:

dn: cn=Elmer Fudd,o=company.com
changetype: modify
add: isAdmin
isAdmin: 1

Save file and use it with ldapmodify:

ldapmodify -v -D "cn=manager,o=company.com" -h <host> -W -f changes.ldif  

Solution 2

The easiest way I've discovered to do this is to use gq. It's not the prettiest of applications, but does work reasonably well.

If you find yourself doing the same tasks over and over again, it might be worth writing a script in your favourite scripting language. In Perl you can use Net::LDAP.

Solution 3

smbldap-tools and SMBLDAP-TOOLS Addons are perl scripts to manage user and group accounts stored in an LDAP directory.

For examples: smbldap-attribute is a simple and powerful script. This script can add/modify/delete any attribute.

add attribute and value (support multiple values):

smbldap-attribute "uid=user1,dc=example,dc=com" "attribute:value"
smbldap-attribute "uid=user1" "attribute:value"
smbldap-attribute user1 "attribute:value"
smbldap-attribute -s "_" "uid=user1,dc=example,dc=com" "attribute_value"

modify value:

smbldap-attribute "uid=user1,dc=example,dc=com" "attribute:current:new"
smbldap-attribute "uid=user1" "attribute:current:new"
smbldap-attribute user1 "attribute:current:new"
smbldap-attribute -s "/" user1 "attribute/current/new"

delete value:

smbldap-attribute -d "uid=user1,dc=example,dc=com" "attribute:value"
smbldap-attribute -d "uid=user1" "attribute"
smbldap-attribute -d user1 "attribute"

Related videos on Youtube