David Hahn, 3 years ago
Ruby Question

Active Directory LDAP move user to different OU - Ruby

I have hit a snag in my integration with Active Directory. I need to be able to move users from one OU to another. I'm using net-ldap 0.5.0, which is on the GitHub master branch, and I dug around in the source code and found out you could do this:

$ldap.rename(
  olddn: "cn=bradford ricechip,ou=agents,ou=ihs,ou=test environment,dc=ctatechs,dc=com",
  newrdn: "cn=bradford ricechip",
  new_superior: "ou=coach,ou=ihs,ou=test environment,dc=ctatechs,dc=com"
)


I'm getting:

#<OpenStruct code=53, error_message="00000057: LdapErr: DSID-0C090A95, comment: Old RDN must be deleted, data 0, v1772\x00", matched_dn="", message="Unwilling to perform">

I guess I don't understand how I can delete the old RDN then move the user to a new OU.

This is the only issue I'm having. If I need to provide anything else just let me know. Thanks in advance for all of the help!

Answer Source

This is how we solved it:

@ldap.rename(
  olddn: user.dn, 
  newrdn: "CN=#{user.cn}", 
  delete_attributes: true, 
  new_superior: "#{new_ou}"
)

We also used the version of ldap-ruby on GitHub, not the version on RubyGems.
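
The move described in the answer, written as an added example that is not code from either poster or from the net-ldap project. It derives the new RDN from the existing DN (keeping escaped commas intact), always sets delete_attributes: true as the error message requires, and refuses DNs outside an allowed subtree. ALLOWED_BASE, the helper names and the sample DN in the comments are assumptions; `ldap` is any object that behaves like a Net::LDAP connection.

```ruby
# Added example. ALLOWED_BASE is a constructed placeholder; set it to the
# subtree your provisioning account is meant to manage.
ALLOWED_BASE = "dc=example,dc=com"

# Split a DN into its RDN components, honouring backslash-escaped commas
# such as "CN=Rice\, Bradford".
def dn_parts(dn)
  parts, cur, escaped = [], String.new, false
  dn.each_char do |ch|
    if escaped
      cur << ch
      escaped = false
    elsif ch == "\\"
      cur << ch
      escaped = true
    elsif ch == ","
      parts << cur.strip
      cur = String.new
    else
      cur << ch
    end
  end
  parts << cur.strip
end

# True when dn is at or below base, compared component by component so an
# escaped comma cannot fake a matching suffix.
def under_base?(dn, base)
  d = dn_parts(dn).map(&:downcase)
  b = dn_parts(base).map(&:downcase)
  d.length >= b.length && d.last(b.length) == b
end

# Build the argument hash for Net::LDAP#rename. The RDN is unchanged, only the
# parent changes, and delete_attributes is always true.
def move_args(dn, new_ou, base: ALLOWED_BASE)
  parts = dn_parts(dn)
  raise ArgumentError, "DN has no parent: #{dn}" if parts.length < 2
  [dn, new_ou].each do |x|
    raise ArgumentError, "outside #{base}: #{x}" unless under_base?(x, base)
  end
  { olddn: dn, newrdn: parts.first, delete_attributes: true, new_superior: new_ou }
end

# Perform the move and surface the server's result code on failure.
def move_entry(ldap, dn, new_ou)
  return true if ldap.rename(move_args(dn, new_ou))
  res = ldap.get_operation_result
  raise "move failed: #{res.code} #{res.message}"
end
```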
