3 * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
4 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
6 /* ldapmodrdn.c - generic program to modify an entry's RDN using LDAP.
8 * Support for MODIFYDN REQUEST V3 (newSuperior) by:
10 * Copyright 1999, Juan C. Gomez, All rights reserved.
11 * This software is not subject to any license of Silicon Graphics
12 * Inc. or Purdue University.
14 * Redistribution and use in source and binary forms are permitted
15 * without restriction or fee of any kind as long as this notice
24 #include <ac/stdlib.h>
27 #include <ac/signal.h>
28 #include <ac/string.h>
29 #include <ac/unistd.h>
34 static char *binddn = NULL;
35 static char *passwd = NULL;
36 static char *ldaphost = NULL;
37 static int ldapport = 0;
38 static int not, verbose, contoper;
46 int remove ); /* flag: remove old RDN */
49 main(int argc, char **argv)
51 char *usage = "usage: %s [-nvkWc] [-M[M]] [-d debug-level] [-h ldaphost] [-P version] [-p ldapport] [-D binddn] [-w passwd] [ -f file | < entryfile | dn newrdn ] [-s newSuperior]\n";
52 char *myname,*infile, *entrydn, *rdn, buf[ 4096 ];
54 int rc, i, remove, havedn, authmethod, version, want_bindpw, debug, manageDSAit;
55 char *newSuperior=NULL;
58 not = contoper = verbose = remove = want_bindpw = debug = manageDSAit = 0;
59 authmethod = LDAP_AUTH_SIMPLE;
62 myname = (myname = strrchr(argv[0], '/')) == NULL ? argv[0] : ++myname;
64 while (( i = getopt( argc, argv, "WkKMcnvrh:P:p:D:w:d:f:s:" )) != EOF ) {
66 case 'k': /* kerberos bind */
67 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
68 authmethod = LDAP_AUTH_KRBV4;
70 fprintf (stderr, "%s was not compiled with Kerberos support\n", argv[0]);
71 return( EXIT_FAILURE );
74 case 'K': /* kerberos bind, part one only */
75 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
76 authmethod = LDAP_AUTH_KRBV41;
78 fprintf (stderr, "%s was not compiled with Kerberos support\n", argv[0]);
79 return( EXIT_FAILURE );
82 case 'c': /* continuous operation mode */
85 case 'h': /* ldap host */
86 ldaphost = strdup( optarg );
88 case 'D': /* bind DN */
89 binddn = strdup( optarg );
91 case 's': /* newSuperior */
92 newSuperior = strdup( optarg );
93 version = LDAP_VERSION3; /* This option => force V3 */
95 case 'w': /* password */
96 passwd = strdup( optarg );
100 for( p = optarg; *p == '\0'; p++ ) {
106 debug |= atoi( optarg );
108 case 'f': /* read from file */
109 infile = strdup( optarg );
112 ldapport = atoi( optarg );
114 case 'n': /* print adds, don't actually do them */
117 case 'v': /* verbose mode */
120 case 'r': /* remove old RDN */
124 /* enable Manage DSA IT */
131 switch( atoi(optarg) )
134 version = LDAP_VERSION2;
137 version = LDAP_VERSION3;
140 fprintf( stderr, "protocol version should be 2 or 3\n" );
141 fprintf( stderr, usage, argv[0] );
142 return( EXIT_FAILURE );
146 fprintf( stderr, usage, argv[0] );
147 return( EXIT_FAILURE );
151 if( authmethod != LDAP_AUTH_SIMPLE ) {
152 if( version == LDAP_VERSION3 ) {
153 fprintf(stderr, "Kerberos requires LDAPv2\n");
156 version = LDAP_VERSION2;
160 if( version == LDAP_VERSION2 ) {
161 fprintf(stderr, "manage DSA control requires LDAPv3\n");
164 version = LDAP_VERSION3;
167 if (newSuperior != NULL) {
168 if (version == LDAP_VERSION2) {
170 "%s: version conflict!, -s newSuperior requires LDAPv3\n",
172 fprintf( stderr, usage, argv[0] );
173 return( EXIT_FAILURE );
176 /* promote to LDAPv3 */
177 version = LDAP_VERSION3;
181 if (argc - optind == 2) {
182 if (( rdn = strdup( argv[argc - 1] )) == NULL ) {
184 return( EXIT_FAILURE );
186 if (( entrydn = strdup( argv[argc - 2] )) == NULL ) {
188 return( EXIT_FAILURE );
191 } else if ( argc - optind != 0 ) {
192 fprintf( stderr, "%s: invalid number of arguments, only two allowed\n", myname);
193 fprintf( stderr, usage, argv[0] );
194 return( EXIT_FAILURE );
197 if ( infile != NULL ) {
198 if (( fp = fopen( infile, "r" )) == NULL ) {
200 return( EXIT_FAILURE );
207 if( ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &debug ) != LBER_OPT_SUCCESS ) {
208 fprintf( stderr, "Could not set LBER_OPT_DEBUG_LEVEL %d\n", debug );
210 if( ldap_set_option( NULL, LDAP_OPT_DEBUG_LEVEL, &debug ) != LDAP_OPT_SUCCESS ) {
211 fprintf( stderr, "Could not set LDAP_OPT_DEBUG_LEVEL %d\n", debug );
216 (void) SIGNAL( SIGPIPE, SIG_IGN );
219 if (( ld = ldap_init( ldaphost, ldapport )) == NULL ) {
220 perror( "ldap_init" );
221 return( EXIT_FAILURE );
224 /* this seems prudent */
226 int deref = LDAP_DEREF_NEVER;
227 ldap_set_option( ld, LDAP_OPT_DEREF, &deref);
229 /* don't chase referrals */
230 ldap_set_option( ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF );
234 ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS)
236 fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version );
240 passwd = getpass("Enter LDAP Password: ");
242 if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) {
243 ldap_perror( ld, "ldap_bind" );
244 return( EXIT_FAILURE );
250 LDAPControl *ctrls[2];
254 c.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
255 c.ldctl_value.bv_val = NULL;
256 c.ldctl_value.bv_len = 0;
257 c.ldctl_iscritical = manageDSAit > 1;
259 err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, &ctrls );
261 if( err != LDAP_OPT_SUCCESS ) {
262 fprintf( stderr, "Could not set Manage DSA IT Control\n" );
263 if( c.ldctl_iscritical ) {
264 exit( EXIT_FAILURE );
271 rc = domodrdn( ld, entrydn, rdn, newSuperior, remove );
272 else while ((rc == 0 || contoper) && fgets(buf, sizeof(buf), fp) != NULL) {
273 if ( *buf != '\0' ) { /* blank lines optional, skip */
274 buf[ strlen( buf ) - 1 ] = '\0'; /* remove nl */
276 if ( havedn ) { /* have DN, get RDN */
277 if (( rdn = strdup( buf )) == NULL ) {
279 return( EXIT_FAILURE );
281 rc = domodrdn(ld, entrydn, rdn, newSuperior, remove );
283 } else if ( !havedn ) { /* don't have DN yet */
284 if (( entrydn = strdup( buf )) == NULL ) {
286 return( EXIT_FAILURE );
304 int remove ) /* flag: remove old RDN */
309 printf( "Renaming \"%s\"\n", dn );
310 printf( "\tnew rdn=\"%s\" (%s old rdn)\n",
311 rdn, remove ? "delete" : "keep" );
312 if( newSuperior != NULL ) {
313 printf("\tnew parent=\"%s\"\n", newSuperior);
318 i = ldap_rename2_s( ld, dn, rdn, newSuperior, remove );
319 if ( i != LDAP_SUCCESS ) {
320 ldap_perror( ld, "ldap_rename2_s" );
321 } else if ( verbose ) {
322 printf( "modrdn complete\n" );