We are using the following LDIF to remove POSIX Attributes from our LDAP Directory. This works fine, except in the case where an attribute does not exist. For e.g. it will fail if the homedirectory attribute doesn't exist. How can I make this such that the rest of attributes will be deleted even if one or more of them are not set for an entry?
dn: uid=5,ou=people,o=company.com,o=corp
changetype: modify
delete: uidnumber
-
delete: homedirectory
-
delete: objectclass
objectclass: posixAccount
-
delete: loginshell
-
delete: unixusername
-
delete: gidnumber
-
There is no way to do this sort of logic in the LDIF file itself. You'll have to separate out the modifications in different entries...
dn: uid=5,ou=people,o=company.com,o=corp
changetype: modify
delete: uidnumber
dn: uid=5,ou=people,o=company.com,o=corp
changetype: modify
delete: homeDirectory
dn: uid=5,ou=people,o=company.com,o=corp
changetype: modify
delete: loginShell
..and so on.