Solved

How to add LDAP entry that with more than one OU

Posted on 2014-01-17
5
468 Views
Last Modified: 2014-02-08
I have been adding new entries to AD using ldf for a long time very successfully.  The beginning of the entry looks like:

dn: CN={obsfucated},OU=Test-SDSU,DC=Jacks,DC=Local
changetype: add
objectclass: user
cn: {obsfucated}
displayname: {obsfucated}
name: {obsfucated}
Initials: M
...

Now, I need to add very similar entries into the OU:

OU=Import,OU=Stu_Applicants,DC=jacks,DC=local

The obvious to me was:

dn: CN={obsfucated},OU=Import,OU=Stu_Applicants,DC=jacks,DC=local
changetype: add
objectclass: user
cn: {obsfucated}
displayname: {obsfucated}
name: {obsfucated}
Initials: M
...

but I get the following error:

C:\d drive scripts>ldifde -i -f "2014-01-16-NewAD_1.ldf" -s seacat -j "c:\d drive scripts"

Connecting to "seacat"

Logging in as current user using SSPI

Importing directory from file "2014-01-16-NewAD_1.ldf"

Loading entries.

Add error on entry starting on line 6: Invalid DN Syntax

The server side error is: 0x2081 Multiple values were specified for an attribute

that can have only one value.

The extended server error is:

00002081: NameErr: DSID-03050C42, problem 2003 (BAD_ATT_SYNTAX), data 0, best ma

tch of:

        'CN=***********,OU=Import,OU=Stu_Applicants,DC=jacks,DC=local'

The entire entry (with name obsfucated) is:

# Creates built at: 01/16/2014 16:27
#
# LDAPJacks_Name_Lookup has been updated, so if this batch is not processed that file will need to be manipulated
#
# 7239114
dn: CN=Last\, First,OU=Import,OU=Stu_Applicants,DC=jacks,DC=local
changetype: add
objectclass: user
cn: Last, First Middle
displayname: Last, First Middle - SDSU Student
name: First Middle Last
Initials: A
mAPIRecipient: FALSE
givenname: First
extensionAttribute2: 7239114
sn: Last
samAccountName: eaLast
mailNickname: First.Last
userPrincipalName: First.Last@jacks.sdstate.edu
mail: First.Last@jacks.sdstate.edu
proxyAddresses: SMTP:First.Last@jacks.sdstate.edu
targetAddress: SMTP:First.Last@jacks.sdstate.edu
extensionAttribute6: AD
msExchHideFromAddressLists: TRUE
Title: APPL
Department: Applicant
streetAddress: Off Campus
physicalDeliveryOfficeName: Off Campus
l: Brookings
st: SD
description: Stu_Applicants
postalCode: 57007
company: SDSU
userParameters: m:                    d\t
0
Comment
Question by:WJoeMoore
  • 3
5 Comments
 

Author Comment

by:WJoeMoore
ID: 39788768
I attached the wrong message.  That was the message I got when I switched something.  The original error was:

C:\d drive scripts>ldifde -i -f "2014-01-16-NewAD_1.ldf" -s seacat -j "c:\d drive scripts"

Connecting to "seacat"

Logging in as current user using SSPI

Importing directory from file "2014-01-16-NewAD_1.ldf"

Loading entries.

Add error on entry starting on line 6: Invalid DN Syntax

The server side error is: 0x2081 Multiple values were specified for an attribute

that can have only one value.

The extended server error is:

00002081: NameErr: DSID-03050C42, problem 2003 (BAD_ATT_SYNTAX), data 0, best ma

tch of:

        'CN=**************,OU=Import,OU=Stu_Applicants,DC=jacks,DC=local'

 

0 entries modified successfully.

An error has occurred in the program
0
 
LVL 22

Expert Comment

by:Matt V
ID: 39790203
You cannot specify multiple OUs.  Specify the lowest level OU as the OU for the new entry.
0
 
LVL 62

Expert Comment

by:gheist
ID: 39792242
since object'c cn is part of it.... you actually can not.
0
 

Accepted Solution

by:
WJoeMoore earned 0 total points
ID: 39829646
Neither of these responses are correct.  My problem was that the cn: entry did not match the cn: part of the dn.
0
 

Author Closing Comment

by:WJoeMoore
ID: 39843890
It took me way to long to realize this--but it was not EE that gave me the answer.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question