The second way to import data into LDAP is manual import. Manual import itself comes in two forms: the first is to edit an LDIF file by hand and then import it with the ldapadd command; the second is to enter the data directly in ldapadd's interactive mode.
First: Import data by manually editing an LDIF file
Below I manually edit two LDIF files:
[email protected] ~]# cat ou.ldif
dn: ou=sudoers,ou=people,dc=contoso,dc=com
objectClass: organizationalUnit
ou: sudoers

dn: ou=superusers,ou=people,dc=contoso,dc=com
objectClass: organizationalUnit
ou: superusers

dn: ou=disabled,ou=people,dc=contoso,dc=com
objectClass: organizationalUnit
ou: disabled
[email protected] ~]# cat user.ldif
dn: uid=test01,ou=sudoers,ou=people,dc=contoso,dc=com
uid: test01
cn: test01
objectClass: account
objectClass: posixAccount
userPassword: {crypt}$6$xvz5hneh$gzlc19e6tiq/4y3hmtcwrjjkvzvci2ia.z.qpqhwhu.msv1ut7uziavg8helvbgzjsn3z1te75c/Dnz.C0ov50
loginShell: /bin/bash
uidNumber: 10006
gidNumber: 10006
homeDirectory: /home/test01

dn: uid=test02,ou=superusers,ou=people,dc=contoso,dc=com
uid: test02
cn: test02
objectClass: account
objectClass: posixAccount
userPassword: {crypt}$6$xvz5hneh$gzlc19e6tiq/4y3hmtcwrjjkvzvci2ia.z.qpqhwhu.msv1ut7uziavg8helvbgzjsn3z1te75c/Dnz.C0ov50
loginShell: /bin/bash
uidNumber: 10007
gidNumber: 10007
homeDirectory: /home/test02

dn: uid=test03,ou=disabled,ou=people,dc=contoso,dc=com
uid: test03
cn: test03
objectClass: account
objectClass: posixAccount
userPassword: {crypt}$6$xvz5hneh$gzlc19e6tiq/4y3hmtcwrjjkvzvci2ia.z.qpqhwhu.msv1ut7uziavg8helvbgzjsn3z1te75c/Dnz.C0ov50
loginShell: /bin/bash
uidNumber: 10008
gidNumber: 10008
homeDirectory: /home/test03
Then import them with ldapadd:
[email protected] ~]# ldapadd -x -D "cn=admin,dc=contoso,dc=com" -W -f ou.ldif
Enter LDAP Password:
adding new entry "ou=sudoers,ou=people,dc=contoso,dc=com"
adding new entry "ou=superusers,ou=people,dc=contoso,dc=com"
adding new entry "ou=disabled,ou=people,dc=contoso,dc=com"
[email protected] ~]# ldapadd -x -D "cn=admin,dc=contoso,dc=com" -W -f user.ldif
Enter LDAP Password:
adding new entry "uid=test01,ou=sudoers,ou=people,dc=contoso,dc=com"
adding new entry "uid=test02,ou=superusers,ou=people,dc=contoso,dc=com"
adding new entry "uid=test03,ou=disabled,ou=people,dc=contoso,dc=com"
Second: enter data manually in the interactive mode of the ldapadd command
Run the command ldapadd -x -D "cn=admin,dc=contoso,dc=com" -W and enter the admin password. ldapadd then enters interactive mode, where you can type in the LDAP information. When the input is complete, press CTRL + D to save and leave interactive mode; if the information entered contains no errors, it is imported successfully.
The most error-prone part here is the correspondence between object classes and attributes, which is defined in the schema files. Each object class has some attributes that are required and some that are optional, and every attribute you enter must be defined in one of the object classes the entry uses. Also note that there must be no trailing space at the end of any line, or the import will fail.
[email protected] ~]# ldapadd -x -D "cn=admin,dc=contoso,dc=com" -W
Enter LDAP Password:
dn: uid=developer,ou=sudoers,ou=people,dc=contoso,dc=com
uid: developer
cn: developer
objectClass: account
objectClass: posixAccount
userPassword: 123456
loginShell: /bin/bash
uidNumber: 10010
gidNumber: 10010
homeDirectory: /home/developer
adding new entry "uid=developer,ou=sudoers,ou=people,dc=contoso,dc=com"
After the entry was added successfully, I searched for the newly added developer:
[email protected] ~]# ldapsearch -LLL -x -D "cn=admin,dc=contoso,dc=com" -W -b "dc=contoso,dc=com" '(uid=developer)'
Enter LDAP Password:
dn: uid=developer,ou=sudoers,ou=people,dc=contoso,dc=com
uid: developer
cn: developer
objectClass: account
objectClass: posixAccount
userPassword:: MTIzNDU2
loginShell: /bin/bash
uidNumber: 10010
gidNumber: 10010
homeDirectory: /home/developer
OK, the search finds the developer user that was just added, which shows that the manual entry succeeded.
Because manual input is error-prone and the relationships between object classes and attributes have to be remembered, the interactive input method is generally not used. Writing an LDIF file by hand and importing it is the better method: you can write the LDIF file while comparing it against the original data, and you avoid the stray extra spaces and awkward editing of ldapadd's interactive mode. The first way is therefore recommended. Of course, this is only a choice between these two methods; the next article will describe using an LDAP client for data management, which is another option.
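An LDIF file can also be checked before ldapadd ever sees it. The following added example (not part of the original article) lints LDIF text for the problems described above: trailing spaces, attributes required by the object classes in use, and userPassword values with no {scheme} prefix, which is what the interactive entry's 123456 (returned by ldapsearch as base64 MTIzNDU2) is. The function name lint_ldif and the small REQUIRED table are assumptions made for illustration, and the sample entry is constructed.

```python
import base64
import re
# Required attributes of the object classes this page uses (core, cosine, nis schemas).
REQUIRED = {
    "organizationalunit": {"ou"},
    "account": {"uid"},
    "posixaccount": {"cn", "uid", "uidnumber", "gidnumber", "homedirectory"},
}
SCHEME = re.compile(r"^\{[A-Za-z0-9-]+\}")  # {crypt}, {SSHA}, ...

def lint_ldif(text):
    """Return (dn, problem) tuples for every entry in an LDIF string."""
    findings = []
    text = text.replace("\n ", "")  # unfold LDIF continuation lines
    for block in re.split(r"\n[ \t]*\n", text.strip("\n")):
        dn, classes, attrs, problems = "<no dn>", set(), set(), []
        for line in (l for l in block.split("\n") if l and not l.startswith("#")):
            if line != line.rstrip():
                problems.append("trailing whitespace after %r" % line.rstrip())
            name, _, value = line.partition(":")
            name = name.strip().lower()
            if value.startswith(":"):  # "attr:: <base64>", as ldapsearch prints it
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            value = value.strip()
            attrs.add(name)
            if name == "dn":
                dn = value
            elif name == "objectclass":
                classes.add(value.lower())
            elif name == "userpassword" and not SCHEME.match(value):
                problems.append("userPassword has no {scheme} prefix: cleartext")
        for oc in sorted(classes):
            for missing in sorted(REQUIRED.get(oc, set()) - attrs):
                problems.append("%s requires %s" % (oc, missing))
        findings.extend((dn, p) for p in problems)
    return findings

# Constructed sample: \x20 is a trailing space; homeDirectory is left out on purpose.
SAMPLE = """dn: uid=developer,ou=sudoers,ou=people,dc=contoso,dc=com
objectClass: account
objectClass: posixAccount\x20
uid: developer
cn: developer
userPassword:: MTIzNDU2
uidNumber: 10010
gidNumber: 10010
"""
if __name__ == "__main__":
    print("\n".join("%s -> %s" % f for f in lint_ldif(SAMPLE)))
```

An empty result means none of these three checks fired; it does not replace the schema validation that slapd performs on import.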
This article is from "it Little two lang" blog, please make sure to keep this source http://jerry12356.blog.51cto.com/4308715/1851207
OpenLDAP Import data (ii)