Chapter 8 Adding, Updating, and Deleting Entries
This chapter explains how to use the LDAP Java classes to add, modify, delete, and rename entries in the directory. The chapter includes the following sections:
"Adding a New Entry"
"Modifying an Entry"
"Deleting an Entry"
"Changing the Name of an Entry"
Create each individual attribute that will be in the entry. (See "Creating a New Attribute".)
Create the set of attributes that make up the entry, and add each of the attributes to this set. (See "Creating a New Attribute Set".)
Create the new entry, specifying a unique distinguished name (DN) to identify the entry and the set of attributes that make up the entry. (See "Creating a New Entry".)
Add the new entry to the directory. (See "Adding the Entry to the Directory".)
...
LDAPAttribute attr = new LDAPAttribute( "cn", "Jane St. Clair" );
...

...
String objectclasses[] = { "top", "person", "organizationalPerson", "inetOrgPerson" };
LDAPAttribute attr = new LDAPAttribute( "objectclass", objectclasses );
...

...
LDAPAttribute attr1 = new LDAPAttribute( "cn", "Jane St. Clair" );
String objectclasses[] = { "top", "person", "organizationalPerson", "inetOrgPerson" };
LDAPAttribute attr2 = new LDAPAttribute( "objectclass", objectclasses );
LDAPAttributeSet attrSet = new LDAPAttributeSet();
attrSet.add( attr1 );
attrSet.add( attr2 );
...

...
LDAPAttribute attr1 = new LDAPAttribute( "cn", "Jane St. Clair" );
String objectclasses[] = { "top", "person", "organizationalPerson", "inetOrgPerson" };
LDAPAttribute attr2 = new LDAPAttribute( "objectclass", objectclasses );
LDAPAttributeSet attrSet = new LDAPAttributeSet();
attrSet.add( attr1 );
attrSet.add( attr2 );
String dn = "uid=jsclair,ou=People,o=Airius.com";
/* Pass the attribute set built above to the entry. */
LDAPEntry newEntry = new LDAPEntry( dn, attrSet );
...

...
try {
    LDAPConnection ld = new LDAPConnection();
    ld.connect( "localhost", LDAPv2.DEFAULT_PORT );
    ld.authenticate( "cn=Directory Manager", "23skidoo" );
    LDAPEntry newEntry = new LDAPEntry( dn, attrs );
    ld.add( newEntry );
...
You have specified the object classes of the entry (use the "objectclass" attribute to specify these) and the required attributes for that object class.
For example, in the Netscape Directory Server, organizational units are represented by entries of the "organizationalUnit" object class. To add an entry for an organizational unit, you need to specify the following attributes in the entry:
objectclass (this attribute should have the values "top" and "organizationalUnit")
ou (this is a required attribute)
For a listing of object classes and their required attributes, see the Directory Server Administrator's Guide.
Make sure that you authenticate as a user who has the access permissions to add the entry to the directory. (If you do not have permission to add the entry, an LDAPException is thrown with the result code LDAPException.INSUFFICIENT_ACCESS_RIGHTS.)
import netscape.ldap.*;
import java.util.*;

public class Add {
    public static void main( String[] args ) {
        /* Specify the DN of the new entry. */
        String dn = "uid=wbjensen, ou=People, o=Airius.com";

        /* Create a new attribute set for the entry. */
        LDAPAttributeSet attrs = new LDAPAttributeSet();

        /* Create and add attributes to the attribute set. */
        String objectclass_values[] = { "top", "person", "organizationalPerson", "inetOrgPerson" };
        LDAPAttribute attr = new LDAPAttribute( "objectclass", objectclass_values );
        attrs.add( attr );
        String cn_values[] = { "William B Jensen", "William Jensen", "Bill Jensen" };
        attr = new LDAPAttribute( "cn", cn_values );
        attrs.add( attr );
        String givenname_values[] = { "William", "Bill" };
        attr = new LDAPAttribute( "givenname", givenname_values );
        attrs.add( attr );
        attrs.add( new LDAPAttribute( "sn", "Jensen" ) );
        attrs.add( new LDAPAttribute( "telephonenumber", "+1 415 555 1212" ) );
        attrs.add( new LDAPAttribute( "uid", "wbjensen" ) );

        /* Create an entry with this DN and these attributes. */
        LDAPEntry myEntry = new LDAPEntry( dn, attrs );

        /* Connect to the server and add the entry. */
        LDAPConnection ld = null;
        int status = -1;
        try {
            ld = new LDAPConnection();

            /* Connect to the server. */
            String HOSTNAME = "localhost";
            ld.connect( HOSTNAME, LDAPv2.DEFAULT_PORT );

            /* Authenticate to the server as the directory manager. */
            String MGR_DN = "cn=Directory Manager";
            String MGR_PW = "23skidoo";
            ld.authenticate( MGR_DN, MGR_PW );

            /* Add the entry to the directory. */
            ld.add( myEntry );
            System.out.println( "Added entry successfully." );
            status = 0;  /* Exit with 0 only when the add succeeded. */
        } catch( LDAPException e ) {
            if ( e.getLDAPResultCode() == LDAPException.ENTRY_ALREADY_EXISTS )
                System.out.println( "Error: Entry already present" );
            else
                System.out.println( "Error: " + e.toString() );
        }

        /* When done, disconnect from the server. */
        if ( (ld != null) && ld.isConnected() ) {
            try {
                ld.disconnect();
            } catch ( LDAPException e ) {
                System.out.println( "Error: " + e.toString() );
            }
        }
        System.exit(status);
    }
}
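When the value placed in the DN comes from input rather than a literal, characters such as commas must be escaped before the DN is built. The following is an added example, not part of the original chapter or the SDK; escapeDnValue and buildPerson are hypothetical helper names and the sample values are constructed.

```java
import netscape.ldap.*;

/* Added example: escape an untrusted value before placing it in the DN
   of a new entry. Helper names are hypothetical. */
public class AddEscapedDn {

    /* Backslash-escape the characters that are special in a DN value
       (RFC 4514): , + " \ < > ; and =, a leading space or #, a trailing space. */
    static String escapeDnValue( String value ) {
        StringBuffer sb = new StringBuffer();
        int last = value.length() - 1;
        for ( int i = 0; i <= last; i++ ) {
            char c = value.charAt( i );
            if ( c == '\0' ) {
                sb.append( "\\00" );   /* NUL is written as a hex pair */
                continue;
            }
            boolean leading = ( i == 0 ) && ( c == ' ' || c == '#' );
            boolean trailing = ( i == last ) && ( c == ' ' );
            if ( leading || trailing || ",+\"\\<>;=".indexOf( c ) >= 0 )
                sb.append( '\\' );
            sb.append( c );
        }
        return sb.toString();
    }

    /* Build the entry under a fixed parent; only the RDN value varies. */
    static LDAPEntry buildPerson( String uid, String cn, String sn ) {
        String dn = "uid=" + escapeDnValue( uid ) + ",ou=People,o=Airius.com";
        LDAPAttributeSet attrs = new LDAPAttributeSet();
        String oc[] = { "top", "person", "organizationalPerson", "inetOrgPerson" };
        attrs.add( new LDAPAttribute( "objectclass", oc ) );
        attrs.add( new LDAPAttribute( "uid", uid ) );  /* attribute values are not escaped */
        attrs.add( new LDAPAttribute( "cn", cn ) );
        attrs.add( new LDAPAttribute( "sn", sn ) );
        return new LDAPEntry( dn, attrs );
    }

    public static void main( String[] args ) {
        /* Constructed sample values; the last two contain DN special characters. */
        String uids[] = { "jsclair", "sclair,jane", " #temp" };
        for ( int i = 0; i < uids.length; i++ ) {
            LDAPEntry e = buildPerson( uids[i], "Jane St. Clair", "St. Clair" );
            System.out.println( e.getDN() );  /* pass e to ld.add() as in the program above */
        }
    }
}
```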
Specify each change to an attribute that needs to be made. You can do one of the following:
If you are making only one change to the entry, you need to construct an LDAPModification object specifying the change that needs to be made.
If you are making more than one change, you need to construct an LDAPModificationSet object specifying the changes that need to be made.
See "Specifying the Changes" for details.
Use the distinguished name of the entry to find and update the entry in the directory. (See "Modifying the Entry in the Directory".)
Adding New Values to an Attribute
Removing Values from an Attribute
Replacing the Values of an Attribute
Adding a New Attribute
Removing an Attribute
If you are only making a single change to the entry, construct a new LDAPModification object to specify that change. Pass LDAPModification.ADD and the LDAPAttribute object as arguments to the LDAPModification constructor.
If you are collecting multiple changes to an entry in an LDAPModificationSet object, invoke the add method to add this change to the list. Pass LDAPModification.ADD and the LDAPAttribute object as arguments to this method.
...
LDAPModificationSet mods = new LDAPModificationSet();
LDAPAttribute attrMail = new LDAPAttribute( "mail", "babs@airius.com" );
mods.add( LDAPModification.ADD, attrMail );
...
If you are only making a single change to the entry, construct a new LDAPModification object to specify that change. Pass LDAPModification.DELETE and the LDAPAttribute object as arguments to the LDAPModification constructor.
If you are collecting multiple changes to an entry in an LDAPModificationSet object, invoke the add method to add this change to the list. Pass LDAPModification.DELETE and the LDAPAttribute object as arguments to this method.
...
LDAPModificationSet mods = new LDAPModificationSet();
LDAPAttribute attrMail = new LDAPAttribute( "mail", "babs@airius.com" );
mods.add( LDAPModification.DELETE, attrMail );
...
If you are only making a single change to the entry, construct a new LDAPModification object to specify that change. Pass LDAPModification.REPLACE and the LDAPAttribute object as arguments to the LDAPModification constructor.
If you are collecting multiple changes to an entry in an LDAPModificationSet object, invoke the add method to add this change to the list. Pass LDAPModification.REPLACE and the LDAPAttribute object as arguments to this method.
...
LDAPModificationSet mods = new LDAPModificationSet();
/* The replacement values are passed as an array of strings. */
String attrValues[] = { "bjensen@airius.com", "babs@airius.com" };
LDAPAttribute attrMail = new LDAPAttribute( "mail", attrValues );
mods.add( LDAPModification.REPLACE, attrMail );
...
replace the values of the attribute with no values (construct the LDAPAttribute object with no values)
specify that you want to remove a value from the attribute, and specify no value (construct the LDAPAttribute object with no values)
remove all values of the attribute
...
LDAPModificationSet mods = new LDAPModificationSet();
LDAPAttribute attrMail = new LDAPAttribute( "mail" );
LDAPAttribute attrDesc = new LDAPAttribute( "description" );
mods.add( LDAPModification.REPLACE, attrMail );
mods.add( LDAPModification.DELETE, attrDesc );
...
You are not removing any of the required attributes for that object class.
For example, in the Netscape Directory Server, organizational units are represented by entries of the "organizationalUnit" object class. The "ou" attribute is a required attribute of the object class and should not be removed.
Make sure that you authenticate as a user who has the access permissions to modify the entry in the directory. (If you do not have permission to modify the entry, an LDAPException is thrown with the result code LDAPException.INSUFFICIENT_ACCESS_RIGHTS.)
import netscape.ldap.*;
import java.util.*;

public class ModAttrs {
    public static void main( String[] args ) {
        /* Specify the entry to be modified. */
        String ENTRYDN = "uid=wbjensen, ou=People, o=Airius.com";

        /* Create a new set of modifications. */
        LDAPModificationSet mods = new LDAPModificationSet();

        /* Add each change to an attribute to the set of modifications. */
        LDAPAttribute attrEmail = new LDAPAttribute( "mail", "willj@airius.com" );
        mods.add( LDAPModification.REPLACE, attrEmail );
        LDAPAttribute attrDesc = new LDAPAttribute( "description",
            "This entry was modified with the modattrs program" );
        mods.add( LDAPModification.ADD, attrDesc );
        LDAPAttribute attrPhone = new LDAPAttribute( "telephoneNumber" );
        mods.add( LDAPModification.DELETE, attrPhone );

        /* Connect to the server and modify the entry. */
        LDAPConnection ld = null;
        int status = -1;
        try {
            ld = new LDAPConnection();

            /* Connect to the server. */
            String HOSTNAME = "localhost";
            ld.connect( HOSTNAME, LDAPv2.DEFAULT_PORT );

            /* Authenticate to the server as the directory manager. */
            String MGR_DN = "cn=Directory Manager";
            String MGR_PW = "23skidoo";
            ld.authenticate( MGR_DN, MGR_PW );

            /* Now modify the entry in the directory. */
            ld.modify( ENTRYDN, mods );
            System.out.println( "Successfully modified the entry." );
            status = 0;  /* Exit with 0 only when the modify succeeded. */
        } catch( LDAPException e ) {
            if ( e.getLDAPResultCode() == LDAPException.NO_SUCH_OBJECT )
                System.out.println( "Error: No such entry" );
            else if ( e.getLDAPResultCode() == LDAPException.INSUFFICIENT_ACCESS_RIGHTS )
                System.out.println( "Error: Insufficient rights" );
            else if ( e.getLDAPResultCode() == LDAPException.ATTRIBUTE_OR_VALUE_EXISTS )
                System.out.println( "Error: Attribute or value exists" );
            else
                System.out.println( "Error: " + e.toString() );
        }

        /* Disconnect when done. */
        if ( (ld != null) && ld.isConnected() ) {
            try {
                ld.disconnect();
            } catch ( LDAPException e ) {
                System.out.println( "Error: " + e.toString() );
            }
        }
        System.exit(status);
    }
}
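The single-change form described earlier, using one LDAPModification object per call instead of an LDAPModificationSet, with the result codes for "already present" and "not present" treated as no-ops so the change can be repeated safely. This is an added example, not code from the original chapter; it assumes a directory server on localhost as in the program above, bind credentials in the hypothetical environment variables LDAP_BIND_DN and LDAP_BIND_PW, and the helper names apply, addValue and removeValue are illustrative.

```java
import netscape.ldap.*;

/* Added example: single-change modifications that are safe to repeat. */
public class EnsureValue {

    /* Apply one change. Returns false when the server answers with the
       benign result code, meaning the entry was already in the wanted state. */
    static boolean apply( LDAPConnection ld, String dn, int op,
                          LDAPAttribute attr, int benignCode ) throws LDAPException {
        try {
            ld.modify( dn, new LDAPModification( op, attr ) );
            return true;
        } catch ( LDAPException e ) {
            if ( e.getLDAPResultCode() == benignCode )
                return false;
            throw e;  /* for example NO_SUCH_OBJECT or INSUFFICIENT_ACCESS_RIGHTS */
        }
    }

    /* Add one value; false if it was already present. */
    static boolean addValue( LDAPConnection ld, String dn, String name, String value )
            throws LDAPException {
        return apply( ld, dn, LDAPModification.ADD, new LDAPAttribute( name, value ),
                      LDAPException.ATTRIBUTE_OR_VALUE_EXISTS );
    }

    /* Remove one value; false if it was not present. */
    static boolean removeValue( LDAPConnection ld, String dn, String name, String value )
            throws LDAPException {
        return apply( ld, dn, LDAPModification.DELETE, new LDAPAttribute( name, value ),
                      LDAPException.NO_SUCH_ATTRIBUTE );
    }

    public static void main( String[] args ) throws LDAPException {
        String dn = "uid=wbjensen, ou=People, o=Airius.com";
        LDAPConnection ld = new LDAPConnection();
        try {
            ld.connect( "localhost", LDAPv2.DEFAULT_PORT );
            /* Assumed environment variables holding the bind DN and password. */
            ld.authenticate( System.getenv( "LDAP_BIND_DN" ), System.getenv( "LDAP_BIND_PW" ) );
            System.out.println( "added:   " + addValue( ld, dn, "mail", "babs@airius.com" ) );
            System.out.println( "added:   " + addValue( ld, dn, "mail", "babs@airius.com" ) );
            System.out.println( "removed: " + removeValue( ld, dn, "mail", "babs@airius.com" ) );
        } finally {
            if ( ld.isConnected() ) ld.disconnect();
        }
    }
}
```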
import netscape.ldap.*;
import java.util.*;

public class Del {
    public static void main( String[] args ) {
        /* Connect to the server and delete the entry. */
        LDAPConnection ld = null;
        int status = -1;
        try {
            ld = new LDAPConnection();

            /* Connect to the server. */
            String HOSTNAME = "localhost";
            ld.connect( HOSTNAME, LDAPv2.DEFAULT_PORT );

            /* Authenticate to the server as the directory manager. */
            String MGR_DN = "cn=Directory Manager";
            String MGR_PW = "23skidoo";
            ld.authenticate( MGR_DN, MGR_PW );

            /* Delete the entry. */
            String dn = "uid=wbjensen, ou=People, o=Airius.com";
            ld.delete( dn );
            System.out.println( "Entry deleted" );
            status = 0;  /* Exit with 0 only when the delete succeeded. */
        } catch( LDAPException e ) {
            if ( e.getLDAPResultCode() == LDAPException.NO_SUCH_OBJECT )
                System.out.println( "Error: No such entry" );
            else if ( e.getLDAPResultCode() == LDAPException.INSUFFICIENT_ACCESS_RIGHTS )
                System.out.println( "Error: Insufficient rights" );
            else
                System.out.println( "Error: " + e.toString() );
        }

        /* When done, disconnect from the server. */
        if ( (ld != null) && ld.isConnected() ) {
            try {
                ld.disconnect();
            } catch ( LDAPException e ) {
                System.out.println( "Error: " + e.toString() );
            }
        }
        System.exit(status);
    }
}
Change the relative distinguished name (RDN) of an entry. For example, you can
Change the location of an entry in the directory tree (in other words, change the distinguished name of an entry)
uid: wbjensen
uid: wbj
ld.rename( "uid=wbjensen,ou=People,o=Airius.com", "uid=wjensen", true );
uid: wjensen
uid: wbj
ld.rename( "uid=wbjensen,ou=People,o=Airius.com", "uid=wjensen", false );
uid: wjensen
uid: wbjensen
uid: wbj
import netscape.ldap.*;
import java.util.*;

public class Rename {
    public static void main( String[] args ) {
        /* Connect to the server and rename the entry. */
        LDAPConnection ld = null;
        int status = -1;
        try {
            ld = new LDAPConnection();

            /* Connect to the server. */
            String HOSTNAME = "localhost";
            ld.connect( HOSTNAME, LDAPv2.DEFAULT_PORT );

            /* Authenticate to the server as the directory manager. */
            String MGR_DN = "cn=Directory Manager";
            String MGR_PW = "23skidoo";
            ld.authenticate( MGR_DN, MGR_PW );

            /* Change the RDN of the entry and remove the old RDN value. */
            String dn = "uid=wbjensen,ou=People,o=Airius.com";
            String nrdn = "uid=wjensen";
            ld.rename( dn, nrdn, true );
            System.out.println( "Entry " + dn + " has been renamed." );
            status = 0;  /* Exit with 0 only when the rename succeeded. */
        } catch( LDAPException e ) {
            if ( e.getLDAPResultCode() == LDAPException.NO_SUCH_OBJECT )
                System.out.println( "Error: No such entry" );
            else if ( e.getLDAPResultCode() == LDAPException.INSUFFICIENT_ACCESS_RIGHTS )
                System.out.println( "Error: Insufficient rights" );
            else if ( e.getLDAPResultCode() == LDAPException.ATTRIBUTE_OR_VALUE_EXISTS )
                System.out.println( "Error: Attribute or value exists" );
            else
                System.out.println( "Error: " + e.toString() );
        }

        /* Done, so disconnect. */
        if ( (ld != null) && ld.isConnected() ) {
            try {
                ld.disconnect();
            } catch ( LDAPException e ) {
                System.out.println( "Error: " + e.toString() );
            }
        }
        System.exit(status);
    }
}
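Because the third argument of rename decides whether the old RDN value stays in the entry (and so whether a search on the old uid still matches it), it is worth reading the entry back after the rename. This is an added example, not code from the original chapter; it assumes a directory server on localhost as above, bind credentials in the hypothetical environment variables LDAP_BIND_DN and LDAP_BIND_PW, and hasValue is an illustrative helper name.

```java
import netscape.ldap.*;
import java.util.Enumeration;

/* Added example: rename an entry, then read it back and confirm which
   values of the naming attribute remain. */
public class RenameCheck {

    /* True if the named attribute of the entry holds the given value. */
    static boolean hasValue( LDAPEntry entry, String name, String value ) {
        LDAPAttribute attr = entry.getAttribute( name );
        if ( attr == null )
            return false;
        Enumeration vals = attr.getStringValues();
        while ( vals.hasMoreElements() ) {
            if ( value.equalsIgnoreCase( (String) vals.nextElement() ) )
                return true;
        }
        return false;
    }

    public static void main( String[] args ) throws LDAPException {
        String parent = "ou=People,o=Airius.com";
        String oldUid = "wbjensen";
        String newUid = "wjensen";
        boolean deleteOldRdn = true;

        LDAPConnection ld = new LDAPConnection();
        try {
            ld.connect( "localhost", LDAPv2.DEFAULT_PORT );
            /* Assumed environment variables holding the bind DN and password. */
            ld.authenticate( System.getenv( "LDAP_BIND_DN" ), System.getenv( "LDAP_BIND_PW" ) );
            ld.rename( "uid=" + oldUid + "," + parent, "uid=" + newUid, deleteOldRdn );

            /* Read the entry under its new DN and check the uid values. */
            LDAPEntry entry = ld.read( "uid=" + newUid + "," + parent );
            boolean oldLeft = hasValue( entry, "uid", oldUid );
            System.out.println( "new value present: " + hasValue( entry, "uid", newUid ) );
            System.out.println( "old value present: " + oldLeft );
            if ( oldLeft == deleteOldRdn )
                System.out.println( "Unexpected: old RDN value does not match the flag" );
        } finally {
            if ( ld.isConnected() ) ld.disconnect();
        }
    }
}
```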