Solved

How to add LDAP entry that with more than one OU

Posted on 2014-01-17
5
460 Views
Last Modified: 2014-02-08
I have been adding new entries to AD using ldf for a long time very successfully.  The beginning of the entry looks like:

dn: CN={obsfucated},OU=Test-SDSU,DC=Jacks,DC=Local
changetype: add
objectclass: user
cn: {obsfucated}
displayname: {obsfucated}
name: {obsfucated}
Initials: M
...

Now, I need to add very similar entries into the OU:

OU=Import,OU=Stu_Applicants,DC=jacks,DC=local

The obvious to me was:

dn: CN={obsfucated},OU=Import,OU=Stu_Applicants,DC=jacks,DC=local
changetype: add
objectclass: user
cn: {obsfucated}
displayname: {obsfucated}
name: {obsfucated}
Initials: M
...

but I get the following error:

C:\d drive scripts>ldifde -i -f "2014-01-16-NewAD_1.ldf" -s seacat -j "c:\d drive scripts"

Connecting to "seacat"

Logging in as current user using SSPI

Importing directory from file "2014-01-16-NewAD_1.ldf"

Loading entries.

Add error on entry starting on line 6: Invalid DN Syntax

The server side error is: 0x2081 Multiple values were specified for an attribute

that can have only one value.

The extended server error is:

00002081: NameErr: DSID-03050C42, problem 2003 (BAD_ATT_SYNTAX), data 0, best ma

tch of:

        'CN=***********,OU=Import,OU=Stu_Applicants,DC=jacks,DC=local'

The entire entry (with name obsfucated) is:

# Creates built at: 01/16/2014 16:27
#
# LDAPJacks_Name_Lookup has been updated, so if this batch is not processed that file will need to be manipulated
#
# 7239114
dn: CN=Last\, First,OU=Import,OU=Stu_Applicants,DC=jacks,DC=local
changetype: add
objectclass: user
cn: Last, First Middle
displayname: Last, First Middle - SDSU Student
name: First Middle Last
Initials: A
mAPIRecipient: FALSE
givenname: First
extensionAttribute2: 7239114
sn: Last
samAccountName: eaLast
mailNickname: First.Last
userPrincipalName: First.Last@jacks.sdstate.edu
mail: First.Last@jacks.sdstate.edu
proxyAddresses: SMTP:First.Last@jacks.sdstate.edu
targetAddress: SMTP:First.Last@jacks.sdstate.edu
extensionAttribute6: AD
msExchHideFromAddressLists: TRUE
Title: APPL
Department: Applicant
streetAddress: Off Campus
physicalDeliveryOfficeName: Off Campus
l: Brookings
st: SD
description: Stu_Applicants
postalCode: 57007
company: SDSU
userParameters: m:                    d\t
0
Comment
Question by:WJoeMoore
  • 3
5 Comments
 

Author Comment

by:WJoeMoore
ID: 39788768
I attached the wrong message.  That was the message I got when I switched something.  The original error was:

C:\d drive scripts>ldifde -i -f "2014-01-16-NewAD_1.ldf" -s seacat -j "c:\d drive scripts"

Connecting to "seacat"

Logging in as current user using SSPI

Importing directory from file "2014-01-16-NewAD_1.ldf"

Loading entries.

Add error on entry starting on line 6: Invalid DN Syntax

The server side error is: 0x2081 Multiple values were specified for an attribute

that can have only one value.

The extended server error is:

00002081: NameErr: DSID-03050C42, problem 2003 (BAD_ATT_SYNTAX), data 0, best ma

tch of:

        'CN=**************,OU=Import,OU=Stu_Applicants,DC=jacks,DC=local'

 

0 entries modified successfully.

An error has occurred in the program
0
 
LVL 22

Expert Comment

by:Matt V
ID: 39790203
You cannot specify multiple OUs.  Specify the lowest level OU as the OU for the new entry.
0
 
LVL 61

Expert Comment

by:gheist
ID: 39792242
since object'c cn is part of it.... you actually can not.
0
 

Accepted Solution

by:
WJoeMoore earned 0 total points
ID: 39829646
Neither of these responses are correct.  My problem was that the cn: entry did not match the cn: part of the dn.
0
 

Author Closing Comment

by:WJoeMoore
ID: 39843890
It took me way to long to realize this--but it was not EE that gave me the answer.
0

Join & Write a Comment

Suggested Solutions

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now