Changes the distinguished name of an entry in the directory.
Component | Version | macOS | Windows | Linux | Server | iOS SDK |
---|---|---|---|---|---|---|
LDAP | 6.0 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | ❌ No |
Parameter | Description | Example | Flags |
---|---|---|---|
LDAPRef | The reference number for the LDAP connection. | $ldap | |
DN | The distinguished name of the entry to be renamed. | | |
NewRDN | The new relative distinguished name. | | |
NewParent | The distinguished name of the new parent for this entry. This parameter enables you to move the entry to a new parent container. Can be empty. | | Optional |
DeleteOldRdn | 1 if the old relative distinguished name should be deleted; 0 if the old relative distinguished name should be retained. | 1 | Optional |
Returns OK or error.
Moves a user from one group to another:
$userDN = "CN=testUser,OU=TestOU1,OU=Groups,DC=example,DC=com"
$rdn = "CN=testUser"
$targetOU = "OU=TestOU2,OU=Groups,DC=example,DC=com"
$deleteOldRdn = 1
MBS( "LDAP.Rename" ; $ldap ; $userDN ; $rdn ; $targetOU ; $deleteOldRdn)
Example script to assign an organizational unit to a user:
# ========================================
# Purpose:
# Assigns the OU of a single AD user
# Returns:
# 0 for success
# Error text if unsuccessful
# Parameters:
# $serverName
# $serverDomain
# $personDN
# $targetOU (the full DN of the target OU)
# Called from:
# (script) "Set AD OU"
# Author:
# John Munro (HJM) from Deutsche Schule Tokyo Yokohama
# Notes:
# none
# History:
# 2020-07-10 HJM - created
# 2021-05-20 HJM - Replaced bind code with call to LDAPServerBind (including added parameter $serverDomain to all calls)
# ========================================
#
Set Variable [ $! ; Value: #Assign ( Get ( ScriptParameter ) ) ]
#
// # The branch in LDAP containing all active entries
// Set Variable [ $searchBase ; Value: "ou=DSTY Groups,dc=dsty,dc=ac,dc=jp" ]
#
Set Error Capture [ On ]
#
# If debugging these parameters will be empty so fill with test data
If [ $serverName = "" ]
Set Variable [ $serverName ; Value: "sys-dc1" ]
End If
If [ $serverDomain = "" ]
Set Variable [ $serverDomain ; Value: "dsty.ac.jp" ]
End If
If [ $personDN = "" ]
Set Variable [ $personDN ; Value: "CN=DySIS testUser,OU=VerwaltungOU,OU=DSTY Groups,DC=dsty,DC=ac,DC=jp" ]
End If
If [ $targetOU = "" ]
Set Variable [ $targetOU ; Value: "OU=Pre-handover,OU=DSTY Groups,DC=dsty,DC=ac,DC=jp" ]
End If
#
#
# Bind to LDAP
Perform Script [ Specified: From list ; “LDAPServerBind” ; Parameter: # ( "serverName" ; $serverName ) & # ( "serverDomain" ; $serverDomain ) ]
# Returns $error,$resultText, $ldap
#
Set Variable [ $! ; Value: #Assign ( Get ( ScriptResult ) ) ]
If [ $error <> 0 ]
Go to Layout [ original layout ; Animation: None ]
Show Custom Dialog [ "LDAP error" ; $resultText ]
Exit Script [ Text Result: # ( "error" ; $error ) & # ( "resultText" ; "LDAP error: " & $resultText ) ]
End If
#
#
# Check the targetOU is valid (exit with error if not)
Set Variable [ $LDAPFilter ; Value: "" ]
Set Variable [ $result ; Value: MBS ( "LDAP.Search" ; $ldap ; $targetOU ; "base" ; $LDAPFilter ; "" ; 0 ; 4 ; 1 ) ]
If [ MBS("LDAP.SearchResult.DistinguishedName"; $ldap; 0 ) = $targetOU ]
#
# Check the target is an actual Organisational Unit
Set Variable [ $objectClasses ; Value: MBS("LDAP.SearchResult.AttributeValuesByName" ; $ldap ; 0 ; "objectClass" ) ]
#
If [ FilterValues ( $objectClasses ; "organizationalUnit" ) = "" ]
# The target is not an actual Organisational Unit so exit with error
Set Variable [ $errorText ; Value: "Target is not an Organizational Unit." & ¶ & $targetOU & ¶ & $result ]
Show Custom Dialog [ "LDAP Error" ; $errorText ]
# Cleanup
Set Variable [ $releaseResult ; Value: MBS("LDAP.Release"; $ldap) ]
Exit Script [ Text Result: "LDAP error. " & $errorText ]
End If
#
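Else
# The targetOU was not found so exit with error
Set Variable [ $errorText ; Value: "Failed to locate the targetOU." & ¶ & $targetOU & ¶ & $result ]
Show Custom Dialog [ "LDAP Error" ; $errorText ]
# Cleanup
Set Variable [ $releaseResult ; Value: MBS("LDAP.Release"; $ldap) ]
Exit Script [ Text Result: "LDAP error. " & $errorText ]
End If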
#
#
# Check the personDN is valid and update the dn to contain the targetOU
Set Variable [ $LDAPFilter ; Value: "" ]
Set Variable [ $result ; Value: MBS ( "LDAP.Search" ; $ldap ; $personDN ; "base" ; $LDAPFilter ; "" ; 0 ; 4 ; 1 ) ]
If [ MBS( "IsError" ) ]
Set Variable [ $errorText ; Value: "Failed to locate the personDN." & ¶ & $personDN & ¶ & $result ]
Show Custom Dialog [ "LDAP Error" ; $errorText ]
# Cleanup
Set Variable [ $releaseResult ; Value: MBS("LDAP.Release"; $ldap) ]
Exit Script [ Text Result: "LDAP error. " & $errorText ]
End If
#
Set Variable [ $foundDN ; Value: MBS("LDAP.SearchResult.DistinguishedName"; $ldap; 0 ) ]
If [ $foundDN <> $personDN ]
Set Variable [ $errorText ; Value: "The found record DN did not match personDN." & ¶ & "Found: " & $foundDN & ¶ & "PersonDN: " & $personDN & ¶ & $result ]
Show Custom Dialog [ "LDAP Error" ; $errorText ]
# Cleanup
Set Variable [ $releaseResult ; Value: MBS("LDAP.Release"; $ldap) ]
Exit Script [ Text Result: "LDAP error. " & $errorText ]
End If
#
// # Build the JSON for the modify
// Set Variable [ $json ; Value: "[{ \"operation\": \"Replace\", \"type\": \"distinguishedName\", \"value\": \"" & $newPersonDN & "\" }]" ]
#
# Attempt to move the user record to the new DN
Set Variable [ $cn ; Value: MBS("LDAP.SearchResult.AttributeValuesByName" ; $ldap ; 0 ; "cn" ) ]
Set Variable [ $rdn ; Value: "CN=" & $cn ]
Set Variable [ $deleteOldRdn ; Value: 1 ]
Set Variable [ $result ; Value: MBS( "LDAP.Rename" ; $ldap ; $personDN ; $rdn ; $targetOU ; $deleteOldRdn ) ]
If [ MBS( "IsError" ) ]
Set Variable [ $errorText ; Value: "Failed to modify the personDN." & ¶ & "From: " & $personDN & ¶ & "To: " & $rdn & ¶ & "Under: " & $targetOU & ¶ & $result ]
Show Custom Dialog [ "LDAP Error" ; $errorText ]
# Cleanup
Set Variable [ $releaseResult ; Value: MBS("LDAP.Release"; $ldap) ]
Exit Script [ Text Result: "LDAP error. " & $errorText ]
End If
#
#
# Cleanup
Set Variable [ $releaseResult ; Value: MBS("LDAP.Release"; $ldap) ]
Go to Layout [ original layout ; Animation: None ]
#
#
# Return error free result
Exit Script [ Text Result: 0 ]
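
The script builds NewRDN as "CN=" & $cn, which produces a malformed RDN when the cn contains a comma or another DN special character (for example "Munro, John"). The following added example (Python, not part of the plugin or the original script; the function names and the allowed base DN are assumptions) escapes the value per RFC 4514 and checks that NewParent lies under a permitted subtree before a rename is attempted:

```python
# Added example: prepare the NewRDN and NewParent arguments for an LDAP rename.
# All names are hypothetical helpers, not MBS plugin functions.

def escape_rdn_value(value):
    """Escape an attribute value for use inside an RDN (RFC 4514, section 2.4)."""
    if value == "":
        raise ValueError("RDN value must not be empty")
    out = []
    for i, ch in enumerate(value):
        if ch in '"+,;<>\\':
            out.append("\\" + ch)            # always-special characters
        elif ch == "\x00":
            out.append("\\00")               # NUL must be hex-escaped
        elif ch == "#" and i == 0:
            out.append("\\#")                # leading '#' would mean hex string
        elif ch == " " and i in (0, len(value) - 1):
            out.append("\\ ")                # leading or trailing space
        else:
            out.append(ch)
    return "".join(out)

def split_dn(dn):
    """Split a DN on unescaped commas; returns the RDNs, leaf first."""
    parts, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])          # keep the escape pair together
            i += 2
        elif dn[i] == ",":
            parts.append("".join(cur).lstrip())
            cur, i = [], i + 1
        else:
            cur.append(dn[i])
            i += 1
    parts.append("".join(cur).lstrip())
    return parts

def is_within(dn, base):
    """True if dn equals base or lies beneath it (simplified case-insensitive match)."""
    d = [p.lower() for p in split_dn(dn)]
    b = [p.lower() for p in split_dn(base)]
    return len(d) >= len(b) and d[len(d) - len(b):] == b

def plan_rename(cn, new_parent, allowed_base):
    """Return (NewRDN, resulting DN); raise if new_parent is outside allowed_base."""
    if not is_within(new_parent, allowed_base):
        raise ValueError("target OU is outside the permitted subtree")
    rdn = "CN=" + escape_rdn_value(cn)
    return rdn, rdn + "," + new_parent
```

Comparing RDN components rather than testing the string suffix matters because an escaped comma inside a single RDN can make a DN look as if it ends with the permitted base.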
This function checks for a license.
Created 15th December 2015, last changed 27th July 2021