Last updated: Fri, 13 Nov 2009

ldap_rename

(PHP 4 >= 4.0.5, PHP 5)

ldap_rename — エントリ名を修正する

説明

bool ldap_rename ( resource $link_identifier , string $dn , string $newrdn , string $newparent , bool $deleteoldrdn )

dn で指定したエントリについて、名前の変更または移動を行います。

パラメータ

link_identifier: ldap_connect() が返す LDAP リンク ID。
dn: LDAP エンティティの識別名。
newrdn: 新しい RDN。
newparent: 新しい親エントリ。
deleteoldrdn: TRUE の場合は古い RDN 値を削除します。それ以外の場合は古い RDN 値がそのエントリの non-distinguished 値として残されます。

返り値

成功した場合に TRUE を、失敗した場合に FALSE を返します。

注意

注意: この関数は、現在、LDAPv3 でのみ動作します。LDAPv3 でバインドする前に ldap_set_option()() を使用する必要があるかもしれません。この関数は、OpenLDAP 2.x.x または Netscape Directory SDK x.x を使用している場合にのみ使用可能です。

参考

ldap_modify() - LDAP エントリを修正する

ldap_sasl_bind

ldap_read

Last updated: Fri, 13 Nov 2009

add a note User Contributed Notes
ldap_rename

Peter Kehl
09-Apr-2008 09:51


Here's some clarification about the parameters when renaming a container in Novell eDirectory:

- $new_rdn is in format "ou=new container name"

- newparent parameter is NULL - because we're renaming and not moving

- deleteoldrdn parameter if TRUE then old value of OU attribute is stored as a secondary/further value of LDAP OU attribute. Novell ConsoleOne shows it as 'Other Name' attribute.



$full_old_dn= "ou=Cuckoo,ou=London,ou=UK,ou=Europe,o=Happy";

$new_rdn= "ou=Cuckoo Group";

    

ldap_rename( $conn, $full_old_dn, $new_rdn, NULL, TRUE);

backports at gmail dot com
15-Jun-2007 02:26


Though clearly mentioned, the following had me in spin for a good 10 minutes.



Ensure: 



if (!ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3)) {

   // do something horrible

}



has been set _before_ you actually bind :)

hyc at openldap dot org
06-Oct-2005 11:49


Contrary to Richard Esplin's statement, this *is* the correct function to use for renaming subtrees and moving entries from one place in the tree to another. Just that most LDAP server implementations don't support moving non-leaf entries.



E.g. In OpenLDAP, moving a non-leaf entry is only supported when using the back-hdb database backend. SunOne only has one database backend, and it apparently doesn't handle this type of operation.

venakis at ccf dot auth dot gr
18-Oct-2004 09:52


If you are using Sun Directory Server 5.2, please note that you can't use ldap_rename to move an entry. According to Sun's own documentation: "[...] At this point in time, Directory Server does not support the ability to use the modify DN operation to move an entry from one location in the directory tree to another location." (http://docs.sun.com/source/817-6707/resultcodes.html)

The problem is that php does not return any error and the operation seems to complete succesfully, except for the fact that nothing really happens. If you check the server logs, there will be an "error 53" entry (server is unwilling to perform). 

hope this saves someone's couple of hours nasty searching...

cory at shopwithafriend dot net
12-Aug-2004 10:21


When setting a new Rdn value be sure to escape any commas that are not path designators.  I spent several hours trying to move user nodes in AD since their cn was set wrong.  We wanted the cn to be set to: lastname, firstname.



<?php

//In this example we are renaming a node with cn of "jsmith" to "Smith, John"



/*

Setting some variables to values for display purposes.

In a real script the values would probably come from some outside source (file, ldap query, etc...)

*/

$dn = 'cn=jsmith,ou=mygroup,dc=mydomain';

$name = "Smith, John";



// Now replace those pesky commas

$newRdn = "cn=" . str_replace(",", "\\,", $name);



ldap_rename($link, $dn, $newRdn, $newParent, true);

?>

Viper_SB at NOSPAMyahoo dot com
30-Jun-2004 09:41


Since this function isn't documented to well I thought I'd help out those trying to get this to work.



<?php

// $dn is the full DN of the entry you wish to move

$dn = 'cn=user1,ou=group1,dc=mydomain';

/*

    note that $newRdn IS NOT a full DN, it is only the start

    I've NOT gotten it to change attributes for the RDN

    but that could just be my schema

*/

$newRdn = 'cn=user2';

// $newparent IS the full DN to the NEW parent DN that you want to move/rename to

$newParent = 'ou=group2,dc=mydomain';

ldap_rename($link, $dn, $newRdn, $newParent, true);

?>



Like I said above I haven't been able to get it to rename to a DIFFERENT attribute so deleteoldrdn has no affect on it.

Richard Esplin
16-Nov-2003 02:37


ldap_rename can only move leaf nodes of the directory tree. If your ldap entry has any child entries, then ldap_rename is not the tool that you need. We needed to change usernames, but that alters the dn. ldap_rename wouldn't work because each of our user ldap entries has a couple associated child entries. We had to write a function to recursively copy the subtree to the new location, and then delete the original version. Here is the basic algorithm:



function recursive_move($old_username, $new_username)

    ldap_search on the old username to get the correct entry

    ldap_get_attributes to get an array of values from the ldap entry

    foreach attribute in array, replace occurences of $old_username with $new_username

    ldap_add the attribute array into the new location

    ldap_modify any additional attributes

    ldap_list each child entry

    call function recursive_move on each child

    ldap_delete current entry

    return

alex at netflex dot nl
16-Oct-2002 03:29


Works also with eDirectory 8 (NW6).



If you are moving a user, remember that you also change the uid!

04-Apr-2002 11:10


To get this function working make sure that the value for $newrdn is relative.

add a note

ldap_sasl_bind

ldap_read

Last updated: Fri, 13 Nov 2009