LDAP.Rename
Changes the distinguished name of an entry in the directory.
Component | Version | macOS | Windows | Linux | Server | iOS SDK |
---|---|---|---|---|---|---|
LDAP | 6.0 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | ❌ No |
Parameters
Parameter | Description | Example | Flags |
---|---|---|---|
LDAPRef | The reference number for the LDAP connection. | $ldap | |
DN | The distinguished name of the entry to be renamed. | | |
NewRDN | The new relative distinguished name. | | |
NewParent | The distinguished name of the new parent for this entry. This parameter enables you to move the entry to a new parent container. Can be empty. | | Optional |
DeleteOldRdn | 1 if the old relative distinguished name should be deleted; 0 if the old relative distinguished name should be retained. | 1 | Optional |
Result
Returns OK or error.
Description
Changes the distinguished name of an entry in the directory. This function is available as of LDAP 3.
Examples
Moves a user from one group to another:
Set Variable [ $userDN ; Value: "CN=testUser,OU=TestOU1,OU=Groups,DC=example,DC=com" ]
Set Variable [ $rdn ; Value: "CN=testUser" ]
Set Variable [ $targetOU ; Value: "OU=TestOU2,OU=Groups,DC=example,DC=com" ]
Set Variable [ $deleteOldRdn ; Value: 1 ]
Set Variable [ $result ; Value: MBS( "LDAP.Rename" ; $ldap ; $userDN ; $rdn ; $targetOU ; $deleteOldRdn ) ]
Example script to assign an organizational unit to a user:
# ========================================
# Purpose:
# Assigns the OU of a single AD user
# Returns:
# 0 for success
# Error text if unsuccessful
# Parameters:
# $serverName
# $serverDomain
# $personDN
# $targetOU (the full DN of the target OU)
# Called from:
# (script) "Set AD OU"
# Author:
# John Munro (HJM) from Deutsche Schule Tokyo Yokohama
# Notes:
# none
# History:
# 2020-07-10 HJM - created
# 2021-05-20 HJM - Replaced bind code with call to LDAPServerBind (including added parameter $serverDomain to all calls)
# ========================================
#
Set Variable [ $! ; Value: #Assign ( Get ( ScriptParameter ) ) ]
#
// # The branch in LDAP containing all active entries
// Set Variable [ $searchBase ; Value: "ou=DSTY Groups,dc=dsty,dc=ac,dc=jp" ]
#
Set Error Capture [ On ]
#
# If debugging these parameters will be empty so fill with test data
If [ $serverName = "" ]
Set Variable [ $serverName ; Value: "sys-dc1" ]
End If
If [ $serverDomain = "" ]
Set Variable [ $serverDomain ; Value: "dsty.ac.jp" ]
End If
If [ $personDN = "" ]
Set Variable [ $personDN ; Value: "CN=DySIS testUser,OU=VerwaltungOU,OU=DSTY Groups,DC=dsty,DC=ac,DC=jp" ]
End If
If [ $targetOU = "" ]
Set Variable [ $targetOU ; Value: "OU=Pre-handover,OU=DSTY Groups,DC=dsty,DC=ac,DC=jp" ]
End If
#
#
# Bind to LDAP
Perform Script [ Specified: From list ; “LDAPServerBind” ; Parameter: # ( "serverName" ; $serverName ) & # ( "serverDomain" ; $serverDomain ) ]
# Returns $error,$resultText, $ldap
#
Set Variable [ $! ; Value: #Assign ( Get ( ScriptResult ) ) ]
If [ $error <> 0 ]
Go to Layout [ original layout ; Animation: None ]
Show Custom Dialog [ "LDAP error" ; $resultText ]
Exit Script [ Text Result: # ( "error" ; $error ) & # ( "resultText" ; "LDAP error: " & $resultText ) ]
End If
#
#
# Check the targetOU is valid (exit with error if not)
Set Variable [ $LDAPFilter ; Value: "" ]
Set Variable [ $result ; Value: MBS ( "LDAP.Search" ; $ldap ; $targetOU ; "base" ; $LDAPFilter ; "" ; 0 ; 4 ; 1 ) ]
If [ MBS("LDAP.SearchResult.DistinguishedName"; $ldap; 0 ) = $targetOU ]
#
# Check the target is an actual Organisational Unit
Set Variable [ $objectClasses ; Value: MBS("LDAP.SearchResult.AttributeValuesByName" ; $ldap ; 0 ; "objectClass" ) ]
#
If [ FilterValues ( $objectClasses ; "organizationalUnit" ) = "" ]
# The target is not an actual Organisational Unit so exit with error
Set Variable [ $errorText ; Value: "Target is not an Organizational Unit." & ¶ & $targetOU & ¶ & $result ]
Show Custom Dialog [ "LDAP Error" ; $errorText ]
# Cleanup
Set Variable [ $releaseResult ; Value: MBS("LDAP.Release"; $ldap) ]
Exit Script [ Text Result: "LDAP error. " & $errorText ]
End If
#
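Else
# The targetOU could not be found, so exit with error
Set Variable [ $errorText ; Value: "Failed to locate the targetOU." & ¶ & $targetOU & ¶ & $result ]
Show Custom Dialog [ "LDAP Error" ; $errorText ]
# Cleanup
Set Variable [ $releaseResult ; Value: MBS("LDAP.Release"; $ldap) ]
Exit Script [ Text Result: "LDAP error. " & $errorText ]
End If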
#
#
# Check the personDN is valid and update the dn to contain the targetOU
Set Variable [ $LDAPFilter ; Value: "" ]
Set Variable [ $result ; Value: MBS ( "LDAP.Search" ; $ldap ; $personDN ; "base" ; $LDAPFilter ; "" ; 0 ; 4 ; 1 ) ]
If [ MBS( "IsError" ) ]
Set Variable [ $errorText ; Value: "Failed to locate the personDN." & ¶ & $personDN & ¶ & $result ]
Show Custom Dialog [ "LDAP Error" ; $errorText ]
# Cleanup
Set Variable [ $releaseResult ; Value: MBS("LDAP.Release"; $ldap) ]
Exit Script [ Text Result: "LDAP error. " & $errorText ]
End If
#
Set Variable [ $foundDN ; Value: MBS("LDAP.SearchResult.DistinguishedName"; $ldap; 0 ) ]
If [ $foundDN <> $personDN ]
Set Variable [ $errorText ; Value: "The found record DN did not match personDN." & ¶ & "Found: " & $foundDN & ¶ & "PersonDN: " & $personDN & ¶ & $result ]
Show Custom Dialog [ "LDAP Error" ; $errorText ]
# Cleanup
Set Variable [ $releaseResult ; Value: MBS("LDAP.Release"; $ldap) ]
Exit Script [ Text Result: "LDAP error. " & $errorText ]
End If
#
// # Build the JSON for the modify
// Set Variable [ $json ; Value: "[{ \"operation\": \"Replace\", \"type\": \"distinguishedName\", \"value\": \"" & $newPersonDN & "\" }]" ]
#
# Attempt to move the user record to the new DN
Set Variable [ $cn ; Value: MBS("LDAP.SearchResult.AttributeValuesByName" ; $ldap ; 0 ; "cn" ) ]
Set Variable [ $rdn ; Value: "CN=" & $cn ]
Set Variable [ $deleteOldRdn ; Value: 1 ]
Set Variable [ $result ; Value: MBS( "LDAP.Rename" ; $ldap ; $personDN ; $rdn ; $targetOU ; $deleteOldRdn ) ]
If [ MBS( "IsError" ) ]
Set Variable [ $errorText ; Value: "Failed to modify the personDN." & ¶ & "From: " & $personDN & ¶ & "To: " & $rdn & ¶ & "Under: " & $targetOU & ¶ & $result ]
Show Custom Dialog [ "LDAP Error" ; $errorText ]
# Cleanup
Set Variable [ $releaseResult ; Value: MBS("LDAP.Release"; $ldap) ]
Exit Script [ Text Result: "LDAP error. " & $errorText ]
End If
#
#
# Cleanup
Set Variable [ $releaseResult ; Value: MBS("LDAP.Release"; $ldap) ]
Go to Layout [ original layout ; Animation: None ]
#
#
# Return error free result
Exit Script [ Text Result: 0 ]
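The script above builds NewRDN as "CN=" & $cn from a raw attribute value; a cn containing a comma or another special character then no longer forms a single RDN. The following added example (Python, not part of the plugin or of the original script) escapes the value per RFC 4514, computes the DN a move produces, and refuses a move whose entry or new parent lies outside an allowed base. The function names, the allowed base and the sample values are assumptions made for illustration.

```python
# Added example: models the DN a rename/move produces. All names are hypothetical.
SPECIAL = set('"+,;<>\\')  # must be escaped anywhere in a value (RFC 4514)


def escape_rdn_value(value):
    """Escape a raw attribute value for use inside an RDN string."""
    out = []
    for i, ch in enumerate(value):
        first, last = i == 0, i == len(value) - 1
        if ch == "\0":
            out.append("\\00")
        elif ch in SPECIAL or (first and ch in " #") or (last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def split_dn(dn):
    """Split a DN string into RDNs on commas that are not backslash-escaped."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur += dn[i:i + 2]  # keep the escape pair together
            i += 2
            continue
        if dn[i] == ",":
            parts.append(cur.lstrip())
            cur = ""
        else:
            cur += dn[i]
        i += 1
    parts.append(cur.lstrip())
    return parts


def is_under(dn, base):
    """True if dn is at or below base (simplified: case-insensitive RDN match)."""
    d = [r.lower() for r in split_dn(dn)]
    b = [r.lower() for r in split_dn(base)]
    return len(d) >= len(b) and d[len(d) - len(b):] == b


def plan_rename(dn, cn_value, new_parent, allowed_base):
    """Return (NewRDN, resulting DN); refuse moves that leave allowed_base."""
    if not (is_under(dn, allowed_base) and is_under(new_parent, allowed_base)):
        raise ValueError("entry or new parent is outside the allowed base")
    new_rdn = "CN=" + escape_rdn_value(cn_value)
    return new_rdn, new_rdn + "," + new_parent


# Constructed sample values, shaped like the first example on this page.
BASE = "OU=Groups,DC=example,DC=com"
SAMPLE = plan_rename("CN=Doe\\, Jane,OU=TestOU1," + BASE, "Doe, Jane", "OU=TestOU2," + BASE, BASE)
```

Without the escaping step the unescaped value "Doe, Jane" splits into two RDNs, which is the case split_dn makes visible.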
See also
- IsError
- LDAP.Release
- LDAP.Search
- LDAP.SearchResult.AttributeValue
- LDAP.SearchResult.AttributeValues
- LDAP.SearchResult.AttributeValuesByName
- LDAP.SearchResult.DistinguishedName
This function checks for a license.
Created 15th December 2015, last changed 27th July 2021