Link to home
Create AccountLog in
Avatar of bt707
bt707Flag for United States of America

asked on

Ldapsearch command

I'm using a command like:

ldapsearch -b c=an -h eurldap02 -p 3390 mail=*@eur.com alias seeAlso

This command pulls down everyone because of the mail=*@eur.com and
alias, what I need to do is to is only pull down Only the ones that
contain a "seeAlso" attribue in them. I could direct the output to
a file then filter out I'm sure but seems there would be a lot easier
way.

Ex: of output I'm working with.


cn=Daniel Doe  315578,ou=employee,o=eur,c=AN
seeAlso=TERMINATED on 20041222030000Z
alias=DDoe

cn=Dennis Doe  101245,ou=employee,o=eur,c=AN
alias=DDoe2

cn=David L Doe  162597,ou=employee,o=eur,c=AN
seeAlso=TERMINATED on 20050303012000Z
alias=DDoe3

cn=Davis Doe  293248,ou=employee,o=eur,c=AN
alias=DDoe4


Thanks,

Avatar of jkr
jkr
Flag of Germany image

>>I could direct the output to a file then filter out I'm sure but seems there would be a lot easier way.

You could skip the 'file' detours by simply piping the output through 'grep', e.g.

ldapsearch -b c=an -h eurldap02 -p 3390 mail=*@eur.com alias seeAlso | grep seeAlso


Avatar of bt707

ASKER

Yes I already tried that, however that doesn't give me what I need, if I do that then
all I get a list of "seeAlso and no mail address or alias to go with it, I need to
get the ones that have the "seeAlso" along with the mail address and alias.
ASKER CERTIFIED SOLUTION
Avatar of manav_mathur
manav_mathur

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of bt707

ASKER

Thanks Manav,

Never fails you always have a great answer, I was playing around with the perl -00, figured it would do it but didn't have it right.


this will get it where i can get info i need, however what i'm
really tring to do is to find users in ldap that have a duplicate
ldap record, when users change job status they end up with a two
ldap records which one of them has a attribute of seeAlso, problem
with that is only some of the ones with seeAlso need to be deleted
so i'm still working on filtering those out but this will get me
heading where i need to be. I'm still wondering if there is a way
to find the users that have duplicate records though.

Thanks a lot,
Avatar of manav_mathur
manav_mathur

DO you want to filter all duplicaet records and preserve only one record for them....??

Manav
Avatar of bt707

ASKER

what I need is a list of all users with duplicate records and to be able to see both of there records.
Script
====
use strict ;
use warnings ;
local $/="\n\n" ;
my %hash=() ;
while(<DATA>) {
if(/^cn=([^,]*),/) {
$hash{$1}++;
print if($hash{$1} < 2) ;
}
}
__DATA__
cn=Daniel Doe  315578,ou=employee,o=eur,c=AN
seeAlso=TERMINATED on 20041222030000Z
alias=DDoe

cn=Daniel Doe  315578,ou=employee,o=eur,c=AN
alias=DDoe

cn=Dennis Doe  101245,ou=employee,o=eur,c=AN
alias=DDoe2

cn=David L Doe  162597,ou=employee,o=eur,c=AN
seeAlso=TERMINATED on 20050303012000Z
alias=DDoe3

cn=Davis Doe  293248,ou=employee,o=eur,c=AN
alias=DDoe4

Output
=====
cn=Daniel Doe  315578,ou=employee,o=eur,c=AN
seeAlso=TERMINATED on 20041222030000Z
alias=DDoe

cn=Dennis Doe  101245,ou=employee,o=eur,c=AN
alias=DDoe2

cn=David L Doe  162597,ou=employee,o=eur,c=AN
seeAlso=TERMINATED on 20050303012000Z
alias=DDoe3

cn=Davis Doe  293248,ou=employee,o=eur,c=AN
alias=DDoe4



Notice that the duplicate record for
cn=Daniel Doe  315578,ou=employee,o=eur,c=AN
alias=DDoe
has been deleted.

Manav
The earlir script was for removing duplicate records....this one is for seeing them

use strict ;
use warnings ;
local $/="\n\n" ;
my %hash=() ;
open(LDAPSEARCH,"ldapsearch -b c=an -h eurldap02 -p 3390 mail=*@eur.com alias seeAlso | ") or die("Cant execute ldap query") ;
while(<LDAPSEARCH>) {
if(/^cn=([^,]*),/) {
push @{$hash{$1}}, "$_" ;
}
close(LDAPSEARCH) ;
}
foreach(keys%hash) {
delete $hash{$_} if (@{$hash{$_}} < 2) ;
}
print "List of duplicate records.....\n " ;
foreach (keys %hash) {
print "***********\nUser : $_\nRecords : \n***********\n" ;
$"="--------------\n" ;
print "@{$hash{$_}}" ;
}


Just prefix the @ in your command "mail=*@eur...." with a backslash to prevent Perl from seeing this as an array.

Manav
Avatar of bt707

ASKER

This looks really good,
Don't i have to use ldapsearch, and to delete from ldap i have to use ldapdelete with a passwd switch,
how can i use this to show the two records for now.

Thanks so much
This script will just show you the duplicate records, it wont attempt to delete them. The ldapsearch command is run here
...
...
open(LDAPSEARCH,"ldapsearch -b c=an -h eurldap02 -p 3390 mail=*@eur.com alias seeAlso | ") or die("Cant execute ldap query") ;
...

If you also want to delete, you can possibly tell me the command and I'll try to give you the script.

Manav
Avatar of bt707

ASKER

i can see this will be just what i need, let me try it and see what i get, get back to you
soon as i can, kind of have to much going,

Thanks...............
Avatar of bt707

ASKER

Here is one I was trying with just using one alias that I know has a duplicate ldap
record.

Getting a error such as:

# ./dups.pl
readline() on closed filehandle LDAPSEARCH at ./dups.pl line 8.
List of duplicate records.....

Do i have something messed up here?


#!/usr/bin/perl
use strict ;
use warnings ;
local $/="\n\n" ;
my %hash=() ;
open(LDAPSEARCH,"
ldapsearch -b c=an -h eurldap02 -p 3390 alias=hubbard4 | ") or die("Cant execute ldap query") ;
while(<LDAPSEARCH>) {
if(/^cn=([^,]*),/) {
push @{$hash{$1}}, "$_" ;
}
close(LDAPSEARCH) ;
}
foreach(keys%hash) {
delete $hash{$_} if (@{$hash{$_}} < 2) ;
}
print "List of duplicate records.....\n " ;
foreach (keys %hash) {
print "***********\nUser : $_\nRecords : \n***********\n" ;
$"="--------------\n" ;
print "@{$hash{$_}}" ;
}
open("LDAPSEARCH,"

and your ldapsearch command should be on the same line, like

open(LDAPSEARCH,"ldapsearch -b c=an -h eurldap02 -p 3390 alias=hubbard4 | ") or die("Cant execute ldap query") ;

The above open statement is one line, no matter if the page formatting of EE changes it.

Manav
Avatar of bt707

ASKER

I tried putting it on one line as below but still getting the same error, not sure what to do with it.


# ./dups.pl
readline() on closed filehandle LDAPSEARCH at ./dups.pl line 7.
List of duplicate records.....
 #
#
#
#
#
# more dups.pl
#!/usr/bin/perl
use strict ;
use warnings ;
local $/="\n\n" ;
my %hash=() ;
open(LDAPSEARCH,"ldapsearch -b c=an -h eurldap02 -p 3390 alias=hubbard4 | ") or die("Cant execute ldap query") ;
while(<LDAPSEARCH>) {
if(/^cn=([^,]*),/) {
push @{$hash{$1}}, "$_" ;
}
close(LDAPSEARCH) ;
}
foreach(keys%hash) {
delete $hash{$_} if (@{$hash{$_}} < 2) ;
}
print "List of duplicate records.....\n " ;
foreach (keys %hash) {
print "***********\nUser : $_\nRecords : \n***********\n" ;
$"="--------------\n" ;
print "@{$hash{$_}}" ;
}
Funny, and it *doesnt* die out with the message "Cant execute ldap query" ?? The following is a variant of the same script....try it


#!/usr/bin/perl
use strict ;
use warnings ;
local $/="\n\n" ;
my %hash=() ;
open(LDPSEA,"ldapsearch -b c=an -h eurldap02 -p 3390 alias=hubbard4 | ") or die("Cant execute ldap query") ;
while(<LDPSEA>) {
if(/^cn=([^,]*),/) {
push @{$hash{$1}}, "$_" ;
}
close(LDPSEA) ;
}
print "List of duplicate records.....\n " ;
foreach (keys %hash) {
if (@{$hash{$_}} < 2) {
delete $hash{$_}
} else {
print "***********\nUser : $_\nRecords : \n***********\n" ;
$"="--------------\n" ;
print "@{$hash{$_}}" ;
}
}

Manav
Avatar of bt707

ASKER

getting about the same error

# ./dups.pl
readline() on closed filehandle LDPSEA at ./dups.pl line 7.
List of duplicate records.....

nope it doesn't die, can't figure that one out.
> Is this command running fine on commandline??
> Can you post this as a fresh question in the Perl area? That would attract a lot more attention than you'll get here.....

Manav
Avatar of bt707

ASKER

yes, this works fine on a command line. the line below pulls up two ldap records for this user when run like

# ldapsearch -b c=an -h eurldap02 -p 3390 alias=hubbard4


sure no problem, will post on perl area,

Thanks,