Solved

How to add LDAP entry that with more than one OU

Posted on 2014-01-17
5
479 Views
Last Modified: 2014-02-08
I have been adding new entries to AD using ldf for a long time very successfully.  The beginning of the entry looks like:

dn: CN={obsfucated},OU=Test-SDSU,DC=Jacks,DC=Local
changetype: add
objectclass: user
cn: {obsfucated}
displayname: {obsfucated}
name: {obsfucated}
Initials: M
...

Now, I need to add very similar entries into the OU:

OU=Import,OU=Stu_Applicants,DC=jacks,DC=local

The obvious to me was:

dn: CN={obsfucated},OU=Import,OU=Stu_Applicants,DC=jacks,DC=local
changetype: add
objectclass: user
cn: {obsfucated}
displayname: {obsfucated}
name: {obsfucated}
Initials: M
...

but I get the following error:

C:\d drive scripts>ldifde -i -f "2014-01-16-NewAD_1.ldf" -s seacat -j "c:\d drive scripts"

Connecting to "seacat"

Logging in as current user using SSPI

Importing directory from file "2014-01-16-NewAD_1.ldf"

Loading entries.

Add error on entry starting on line 6: Invalid DN Syntax

The server side error is: 0x2081 Multiple values were specified for an attribute

that can have only one value.

The extended server error is:

00002081: NameErr: DSID-03050C42, problem 2003 (BAD_ATT_SYNTAX), data 0, best ma

tch of:

        'CN=***********,OU=Import,OU=Stu_Applicants,DC=jacks,DC=local'

The entire entry (with name obsfucated) is:

# Creates built at: 01/16/2014 16:27
#
# LDAPJacks_Name_Lookup has been updated, so if this batch is not processed that file will need to be manipulated
#
# 7239114
dn: CN=Last\, First,OU=Import,OU=Stu_Applicants,DC=jacks,DC=local
changetype: add
objectclass: user
cn: Last, First Middle
displayname: Last, First Middle - SDSU Student
name: First Middle Last
Initials: A
mAPIRecipient: FALSE
givenname: First
extensionAttribute2: 7239114
sn: Last
samAccountName: eaLast
mailNickname: First.Last
userPrincipalName: First.Last@jacks.sdstate.edu
mail: First.Last@jacks.sdstate.edu
proxyAddresses: SMTP:First.Last@jacks.sdstate.edu
targetAddress: SMTP:First.Last@jacks.sdstate.edu
extensionAttribute6: AD
msExchHideFromAddressLists: TRUE
Title: APPL
Department: Applicant
streetAddress: Off Campus
physicalDeliveryOfficeName: Off Campus
l: Brookings
st: SD
description: Stu_Applicants
postalCode: 57007
company: SDSU
userParameters: m:                    d\t
0
Comment
Question by:WJoeMoore
  • 3
5 Comments
 

Author Comment

by:WJoeMoore
ID: 39788768
I attached the wrong message.  That was the message I got when I switched something.  The original error was:

C:\d drive scripts>ldifde -i -f "2014-01-16-NewAD_1.ldf" -s seacat -j "c:\d drive scripts"

Connecting to "seacat"

Logging in as current user using SSPI

Importing directory from file "2014-01-16-NewAD_1.ldf"

Loading entries.

Add error on entry starting on line 6: Invalid DN Syntax

The server side error is: 0x2081 Multiple values were specified for an attribute

that can have only one value.

The extended server error is:

00002081: NameErr: DSID-03050C42, problem 2003 (BAD_ATT_SYNTAX), data 0, best ma

tch of:

        'CN=**************,OU=Import,OU=Stu_Applicants,DC=jacks,DC=local'

 

0 entries modified successfully.

An error has occurred in the program
0
 
LVL 22

Expert Comment

by:Matt V
ID: 39790203
You cannot specify multiple OUs.  Specify the lowest level OU as the OU for the new entry.
0
 
LVL 62

Expert Comment

by:gheist
ID: 39792242
since object'c cn is part of it.... you actually can not.
0
 

Accepted Solution

by:
WJoeMoore earned 0 total points
ID: 39829646
Neither of these responses are correct.  My problem was that the cn: entry did not match the cn: part of the dn.
0
 

Author Closing Comment

by:WJoeMoore
ID: 39843890
It took me way to long to realize this--but it was not EE that gave me the answer.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question