[Fedora-directory-users] Non Leaf Object
Richard Megginson
rmeggins at redhat.com
Wed Feb 15 14:53:39 UTC 2006
Jim Summers wrote:
> Hello List,
>
> While working with some scripts for my development ldap. I was trying
> to remove the ou=People and got the following error:
>
> ldap_delete: Operation not allowed on non-leaf (66)
>
> The ldif file has two basic lines in it:
> ------
> dn: ou=People,dc=xxx,dc=xxx,dc=xxx
> changetype: delete
> ------
>
> I have used this same syntax to drop other ou's in the tree. So I
> wasn't sure why this ou is considered a non-leaf?? Or honestly I am
> not sure what a leaf is, in regards to ldap?
A "leaf" entry is an entry with no children. A "non-leaf" entry is an
entry with at least 1 child. LDAP does not allow you to delete an entry
that has children. You must delete the children first before deleting
the parent.
> Any good reading material?
>
> I could delete each entry in the People container and then
> re-populate, but that seems like a noisy way of doing things in
> regards to the multi master replicas I have running.
Depending on how many entries you have under your People container, you
may find it faster to export to LDIF -> sed/awk/perl to remove the
entries -> import modified LDIF file.
>
> Q. Why am I doing this?
> A. I am temporarily manually sync'ing a production iplanet 5.1 ldap.
> I had thought about trying the multi-master scripts from the HOW-TO's
> but I was a little hesistant. Hopefully by this summer I will be
> fully migrated over to the FDS-ldap.
>
> Ideas / suggestions?
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060215/4340eb20/attachment.bin>
More information about the Fedora-directory-users
mailing list