A bug in a PHP script has caused some entries in the LDAP database to have invalid entries:
# James + Bond, people, mi6.gov.uk
dn: cn=James+sn=Bond,ou=people,dc=mi6,dc=gov,dc=uk
sn: Bond
givenName: James
cn:: U3RldmUg
gecos:: U3RldmUg
As you can see, the
cn: and
gecos: have the invalid entries - they should be
James Bond.
I did attempt to correct the problem with ldapmodify by putting the following into a file called updateCN.ldif:
dn: cn=James+sn=Bond,ou=people,dc=mi6,dc=gov,dc=uk
changetype:modify
replace: cn
cn: James Bond
and executing the following command:
ldapmodify -x -W -D "cn=admin,dc=mi6,dc=gov,dc=uk" -f updateCN.ldif
This returned the following error
Enter LDAP Password:
modifying entry "cn=James+sn=Bond,ou=people,dc=mi6,dc=gov,dc=uk"
ldap_modify: Naming violation (64)
additional info: value of naming attribute 'cn' is not present in entry
How can I correct the invalid entries in the LDAP database?