How to modify DN of an LDAP entry?

I have a requirement to change the CN of an LDAP group (cn=mahendra).

I have constructed the ldif file as shown below.

dn: cn=mahendra,cn=groups,dc=oracle,dc=com
changetype: modify
replace: cn
cn: mahendrak

When I ran the ldapmodify command to change the DN, it resulted in an error, as shown below.

$ ./ldapmodify  -h testmac.oracle.com -p 389 -D cn=orcladmin -w Admin123 -v -f mahendra.ldif
replace cn:
        mahendrak
modifying entry cn=mahendra,cn=groups,dc=oracle,dc=com
ldap_modify: Operation not allowed on RDN
ldap_modify: additional info: Modifying the naming attribute for the entry without modifying the dn

So here is the workaround. The naming attribute (the RDN) cannot be changed with a modify operation; the entry has to be renamed with a moddn change instead. Look at the LDIF file constructed for it.

dn: cn=mahendra,cn=groups,dc=oracle,dc=com
changetype: moddn
newrdn: cn=mahendrak
deleteoldrdn: 1

When I ran ldapmodify with this file, it was successful.

$ ./ldapmodify  -h testmac.oracle.com -p 389 -D cn=orcladmin -w Admin123  -v -f mahendra.ldif
new RDN: cn=mahendrak (do not keep existing values)
modifying rdn of entry cn=mahendra,cn=groups,dc=oracle,dc=com
modrdn completed
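
The rewrite from the rejected modify record to the accepted moddn record can be automated. The following is an added example, not part of the original post: the function names `naming_attr` and `to_moddn` are hypothetical, and it assumes a single unfolded, non-base64 LDIF record.

```python
import re

# Characters that RFC 4514 requires to be backslash-escaped inside an RDN value.
SPECIAL = re.compile(r'([,+"\\<>;])')

# The rejected record from the post (entry names are the post's own).
FAILING = """\
dn: cn=mahendra,cn=groups,dc=oracle,dc=com
changetype: modify
replace: cn
cn: mahendrak
"""

def naming_attr(dn):
    """Attribute type of the leftmost RDN, honouring backslash-escaped commas."""
    rdn = re.split(r'(?<!\\),', dn, maxsplit=1)[0]
    if re.search(r'(?<!\\)\+', rdn):
        raise ValueError("multi-valued RDNs are outside the scope of this example")
    return rdn.partition('=')[0].strip()

def to_moddn(ldif):
    """Rewrite a modify record that replaces the naming attribute as a moddn record.

    Assumes one unfolded, non-base64 record; other records come back unchanged.
    """
    fields = []
    for line in ldif.strip().splitlines():
        if line.strip() and line.strip() != '-':
            key, _, value = line.partition(':')
            if value.startswith((':', '<')):
                raise ValueError("base64 and URL values are not handled here")
            fields.append((key.strip().lower(), value.strip()))
    if not fields or fields[0][0] != 'dn':
        raise ValueError("record must start with a dn: line")
    dn, body = fields[0][1], fields[1:]
    attr = naming_attr(dn)
    if not body or body[0] != ('changetype', 'modify'):
        return ldif
    ops = [(k, v.lower()) for k, v in body[1:] if k in ('add', 'delete', 'replace')]
    if ('replace', attr.lower()) not in ops:
        return ldif
    if len(ops) != 1:
        raise ValueError("move the other changes into a separate modify record")
    values = [v for k, v in body[1:] if k == attr.lower()]
    if len(values) != 1:
        raise ValueError("an RDN rename needs exactly one new value")
    escaped = SPECIAL.sub(r'\\\1', values[0])
    # 'replace' drops the old value, so deleteoldrdn: 1 is the faithful translation.
    return f"dn: {dn}\nchangetype: moddn\nnewrdn: {attr}={escaped}\ndeleteoldrdn: 1\n"
```

Calling `to_moddn(FAILING)` returns the moddn record shown above; a modify record that does not touch the naming attribute is returned as it was.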
