Alternative to ldap_rename for Sun Directory Servers


PHP provides a great function for copying or moving directory records within LDAP. Unfortunately, this ldap_rename function doesn't seem to work on the Sun Directory. Do any alternatives exist to change an account's OU without having to create a new account?

My end goal is to have a simple method to switch between two OUs, such as: CN=username,OU=Admin,DC=uaa,DC=alaska,DC=edu to
CN=username,OU=Student,DC=uaa,DC=alaska,DC=edu


There is 1 best solution below


You can do it with LDIF. From the directory's point of view, the job you want to do is called a DN modification; there are two LDAP verbs for that: moddn and modrdn.

It can be done in LDIF this way in OpenLDAP:

dn: CN=username,OU=Admin,DC=uaa,DC=alaska,DC=edu
changetype: modrdn
newrdn: CN=username
deleteoldrdn: 0
newsuperior: OU=Student,DC=uaa,DC=alaska,DC=edu

I use it this way across Active Directory:

dn: CN=username,OU=Admin,DC=uaa,DC=alaska,DC=edu
Changetype: moddn
Newrdn: CN=username
Deleteoldrdn: 1
Newsuperior: OU=Student,DC=uaa,DC=alaska,DC=edu

Be careful: copy/delete is significantly different from moddn and modrdn. In the first solution you create new objects (new GUID or UUID in the LDAP database), and it can impact replication. In the second solution you move objects.

Perhaps you can find these verbs in PHP.
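
Added example, not part of the original answer: Python code that builds the modrdn change record shown above from an entry DN and a target OU. It base64-encodes any value that is not LDIF-safe under RFC 2849, so a name containing a newline or non-ASCII characters cannot add directives to the record. The function names split_dn, ldif_line and move_record are illustrative assumptions.

```python
import base64
import re

# RFC 2849 SAFE-STRING: 7-bit, no NUL/CR/LF, no leading space, ':' or '<'.
_SAFE = re.compile(
    r"[\x01-\x09\x0b\x0c\x0e-\x1f\x21-\x39\x3b\x3d-\x7f]"
    r"[\x01-\x09\x0b\x0c\x0e-\x7f]*"
)

def split_dn(dn):
    """Split a DN into RDNs at unescaped commas (backslash escapes kept)."""
    parts, buf, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            buf.append(dn[i:i + 2])   # keep the escape pair together
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(buf).lstrip())
            buf = []
        else:
            buf.append(dn[i])
        i += 1
    parts.append("".join(buf).lstrip())
    return parts

def ldif_line(attr, value):
    """Emit 'attr: value', or base64 'attr:: ...' if the value is not LDIF-safe."""
    if _SAFE.fullmatch(value) and not value.endswith(" "):
        return f"{attr}: {value}"
    encoded = base64.b64encode(value.encode("utf-8")).decode("ascii")
    return f"{attr}:: {encoded}"

def move_record(dn, new_parent, delete_old_rdn=0):
    """Build the modrdn change record that moves dn under new_parent."""
    rdns = split_dn(dn)
    if len(rdns) < 2 or "=" not in rdns[0]:
        raise ValueError("DN must contain an RDN and a parent")
    if delete_old_rdn not in (0, 1):
        raise ValueError("deleteoldrdn must be 0 or 1")
    return "\n".join([
        ldif_line("dn", dn),
        "changetype: modrdn",
        ldif_line("newrdn", rdns[0]),  # RDN is unchanged, only the parent moves
        f"deleteoldrdn: {int(delete_old_rdn)}",
        ldif_line("newsuperior", new_parent),
    ]) + "\n"

if __name__ == "__main__":
    print(move_record("CN=username,OU=Admin,DC=uaa,DC=alaska,DC=edu",
                      "OU=Student,DC=uaa,DC=alaska,DC=edu"))
```

The printed record can be fed to an LDIF-capable client such as ldapmodify.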