use Net::LDAP::LDIF;
our $old_ldif = Net::LDAP::LDIF->new( "dump.ldif", "r", onerror => 'un
+def' );
our $new_ldif = Net::LDAP::LDIF->new( "dump_new.ldif", "w", onerror =>
+ 'undef', wrap => 76, encode => 'base64' );
while (not $old_ldif->eof()) {
my $entry = $old_ldif->read_entry();
if ($old_ldif->error()) {
warn "Error msg: ", $old_ldif->error(), "\n";
warn "Error lines:\n", $old_ldif->error_lines(), "\n";
} else {
# delete attributes no longer needed
foreach my $a ($entry->attributes()) {
if ($a =~ /^attrMatch/) {
$entry->delete($a);
}
}
$new_ldif->write_entry($entry);
}
}
$old_ldif->done();
$new_ldif->done();
Assuming userPassword is not the attribute to remove, I would expect a diff between dump.ldap and dump_new.ldap to only show the attribute(s) that were deleted. But in dump.ldif (from an OpenLDAP slapcat command) the userPassword field is base64 encoded. In the dump_new.ldif file, it's not base64 encoded. Makes the diff harder to read... nothing incorrect with either version though.
|