| Author |
Message |
|
|
We will take a look into it and will let you know as soon as we fix the issue.
Thank you for reporting this issue.
|
 |
|
|
1. Do I understand it correctly that "LDAP Admin Tool" uses Microsoft's "LDIFDE"?
No we don't use the Microsoft's LDIFIDE for import, we use the standard LDIF import process
2. Is adding a user to a group via "LDIF import" the same as 'changing Group Membership'?
With Active Directory LDIF import is different than any other directories as AD does not load the system attributes during LDIF import and if you provide system attributes it will fail.
We specifically don't load the following attributes during the ldif import
sAMAccountType,lastLogon,lastLogon,whenCreated,badPasswordTime,ockoutTime,whenChanged,primaryGroupID,badPwdCount,lastLogoff,primaryGroupID,pwdLastSet,accountExpires,logonCount,adminCount,userAccountControl
We also look at the schema for the system attributes and if the attribute is identified as system attribute (systemOnly=TRUE), we don't load it.
In this case it look like the 'memberof' attribute is identified as system attribute and that is why it was not loaded.
3. If I have 'memberOf: ' lines in a (large) ldif-file, there is no way to import these in AD then?
Try loading the same file with Microsoft's LDIFDE and see if you get the same results.
We will look at the code again and if possible will provide the memberof loading in the next release.
|
|
|
|
Please see the following article on ldif export in active directory
http://support.microsoft.com/kb/555634
LDIFDE doesn’t support changing Group Membership. You can use CSVDE or ADDUSERS.exe or DStools for Windows 2003 Editions.
|
|
|
|
Unfortunately we don't have any experience in installing/configuring openldap on windows.
You can find a lot of tutorials on how to set up openldap on linux.
A good tutorial for configuring openldap on linux can be found at: http://www.yolinux.com/TUTORIALS/LinuxTutorialLDAP.html
Once you are able to configure openldap on windows, Ldap Admin Tool can help you manage openldap server.
|
|
|
|
You can't apply the substring changes using update statement.
For substring changes ldif is the best option.
Thanks
|
|
|
|
To export password or any binary field in text, please follow the following steps
1. Click the entry, select the userPassword attribute and from the right click context menu select 'Edit Value with...|Text Editor'
2. Now when you export entries, text values will be exported.
Once you are done with the export revert to the default editor - Right Click context menu select 'Edit Value with..|Restore Default Editor'
|
|
|
|
LDAP Filter does'nt support multiple OU Search in a single search, you must define a base DN.
To search in multiple containers select a top level container and find a common attribute, even a few letters common will work.
If you are unable to find a common attribute you can create one - find an empty attribute and run the update command to update the entries in the container with a common values.
UPDATE OU=test,DC=LDAPSoft,dc=com SET businessCategory='test'
subtreescope
Please make sure to run the update in Development environment before running the statement in production.
DN is not an attribute so you can't search on it.
|
|
|
|
It is very easy to add remove member to/from group.
Just select the group and from right click context menu select Add/Remove Members.
or select the group and from properties, select the appropriate tab
Trial version has no limitation other than number of days it can run without license.
|
|
|
|
Is there any attribute like 'ou' which is populated for the entries in those containers, which can tell which container it belongs too?
If there is one, then you can filter using that attribute.
|
|
|
|
Ldap Admin Tool won't but operating system will.
Linux OS will automatically create user's home directory on next login.
|
|
|
|
The attributes with two colon's "::" are base64 encoded. This is due to the data containing non-printable/special characters.
You can use any base64 decoder to decode the values.
Please note that while importing the data these values will be decoded and inserted.
|
|
|
|
|
Active directory does not publish that information, so you can't
|
|
|
|
|
This issue has been fixed in release 2.10, please download the latest version from the download page or Help|Update menu.
|
|
|
|
Please read the following on how to fix this issue:
http://www.ldapsoft.com/activedirectorysslissue.html
|
|
|
|
The data is definitely base64 encoded
You can try it using an online tool
http://www.motobit.com/util/base64-decoder-encoder.asp
put the value '<BR>Sign Out' it will convert the value to the one you mentioned.
It must be the special characters '<>' which is triggering the auto Base64 encoding to preserve the special character.
You should be fine importing the data as import will convert the data while importing.
Also please note the two colons "::" which will tell the import process that attribute is Base64 encoded and the import process will decode and insert the value.
Let us know if you find problems during import process.
|
|
|
|
![[Search]](/forum/templates/default/images/icon_mini_search.gif){kind=icon}
![[Register]](/forum/templates/default/images/icon_mini_register.gif){kind=icon}
Register![[Login]](/forum/templates/default/images/icon_mini_login.gif){kind=icon}
Login![[Recent Topics]](/forum/templates/default/images/icon_mini_recentTopics.gif){kind=icon}
Recent Topics
![[Members]](/forum/templates/default/images/icon_mini_members.gif){kind=icon}
Member Listing