LDIFDE/CSVDE imports for username (cn) containing a backslash?


J

jeffhenrichs

I have user accounts with backslashes in the name. The accounts are
being migrated from a database into an ADAM directory. Let's say a
username is of the form:

abc\defg

If I import this user via CSVDE the username becomes "abcdefg" (the
backslash is omitted). If I manually add the backslash to the user in
ADAM (so that it is abc\defg again) and then try to add the user to a
group via ldifde as follows:

dn: CN=mygroup,OU=groups,DC=company,DC=com
changetype: add
add: member
member: CN=abc\defg,OU=users,DC=company,DC=com

I get the following:

Connecting to "localhost"
Logging in as current user using SSPI
Importing directory from file "c:\temp\test_01.ldf"
Loading entries.
Add error on line 1: No Such Attribute
The server side error is: 0x57 The parameter is incorrect.
The extended server error is:
00000057: LdapErr: DSID-0C090AB7, comment: Error in attribute
conversion operation, data 0, va28
0 entries modified successfully.
An error has occurred in the program

I'm focussing on trying to get the LDIFDE to work right now. If I do
an export of the user the dn comes out as
CN=abc\defg,OU=users,DC=company,DC=com. Trying to do an import though
doesn't seem to work. I've tried putting the user's DN in quotes,
adding an additional \ escape character before the backslash and
neither seems to work. A bit of research makes me think that I'd have
to Base-64 encode the dn and then use "dn::". If that's the easiest
approach I'll probably end up manually adding the users to groups as it
will take less time.

Anyone know how to programmatically create a user with a backslash in
the name, or especially how to add such a user to an ADAM group
(preferrably via ldifde/csvde)? The reason for ldifde/csvde is that
there are tens of thousands of users and group memberships to migrate,
so we are working from spreadsheets (csvde or mail merge to ldifs)...

Thanks for any suggestions,
Jeff
 
Ad

Advertisements

J

jeffhenrichs

FYI I did a little more testing and can offer this:

The group's member attribute is actually
CN=abc\\defg,OU=users,DC=exxonmobil,DC=com. The sample ldif above is
incorrect in showing only one backslash. It is the username itself
(cn) that is abc\defg

So basically the user's distinguishedName already escapes the backslash
in the rdn. I've tried using 2 and 3 consecutive backslashes in the
dn: in the ldif. No luck. I then found an online site that generates
base64 encoding so I tried using

dn:: <<base64 encoded distinguishedName>>

with the distinguishedName containing both two backslashes and three.
In all cases I get the same error as above.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top