Deleting unwanted attributes

In the previous post I described how to deal with the “emtpy attribute” problem caused by the loose schema enforcement of older Netscape family directory servers, and a way to eliminate these from your data when migrating to another server. In this one I’m going to show a method to remove any attribute and value you don’t want in that data.


When migrating data from one directory to another you may sometime have to rework or eliminate lines in your LDIF file. Here is a way to do that.

This is how to delete and entire line that matches a pattern and close up the space that would otherwise be left:

perl -pi -e 's/^manager: .+n$//gi' file.ldif

The above is almost required if some bonehead put first and last name values in all your manager attributes, which as everyone knows is supposed to be a dn value (the dn of the user’s manager) according to every LDAP schema from the beginning of time (1997).

Over the long term the way to deal with this is to make a fuss until people stop using attributes in ways that violate the schema. One alternative you might propose to the misuse (or abuse) of “manager” in this way would be a “excomanagername” (“exco” for “Example Company”, the prefix for all your custom attributes — you are using a unique, readily identifiable prefix for all your custom attributes, aren’t you?) attribute, if they really can’t be bothered with searching for the manager’s name with the dn value provided in “manager”.