Jim Summers wrote: > Hello List, > > While working with some scripts for my development ldap. I was trying > to remove the ou=People and got the following error: > > ldap_delete: Operation not allowed on non-leaf (66) > > The ldif file has two basic lines in it: > ------ > dn: ou=People,dc=xxx,dc=xxx,dc=xxx > changetype: delete > ------ > > I have used this same syntax to drop other ou's in the tree. So I > wasn't sure why this ou is considered a non-leaf?? Or honestly I am > not sure what a leaf is, in regards to ldap? A "leaf" entry is an entry with no children. A "non-leaf" entry is an entry with at least 1 child. LDAP does not allow you to delete an entry that has children. You must delete the children first before deleting the parent. > Any good reading material? > > I could delete each entry in the People container and then > re-populate, but that seems like a noisy way of doing things in > regards to the multi master replicas I have running. Depending on how many entries you have under your People container, you may find it faster to export to LDIF -> sed/awk/perl to remove the entries -> import modified LDIF file. > > Q. Why am I doing this? > A. I am temporarily manually sync'ing a production iplanet 5.1 ldap. > I had thought about trying the multi-master scripts from the HOW-TO's > but I was a little hesistant. Hopefully by this summer I will be > fully migrated over to the FDS-ldap. > > Ideas / suggestions? > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3178 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20060215/4340eb20/attachment.bin
