ldapvi is so wonderful. No Java/Python/PHP for “browsing” LDAP trees and the power of vi for LDAP administration. Nevertheless, today I had difficulty for deleting a facsimileTelephoneNumber attribute:
$ ldapvi Action? [yYqQvVebB*rsf+?] y ldap_modify: Inappropriate matching (18) additional info: modify/delete: facsimileTelephoneNumber: no equality matching rule
Here is the LDIF change tried by ldapvi:
dn: uid=foo,ou=people,dc=evolix,dc=net changetype: modify delete: facsimileTelephoneNumber facsimileTelephoneNumber: 0000
After a little search on the web, I find the reason on openldap-bugs list archives:
Since the schema definition of facsimileTelephoneNumber has no matching rule defined, the only modifications you can make are Replace or Delete w/ no values.
facsimileTelephone attribute actually doesn’t have SYNTAX definition. See in core.ldif file:
Number olcAttributeTypes: ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' ) DESC 'RFC2256: Facsimile (Fax) Telephone Number' SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
By default, ldapvi tries to delete a specific value (even if there is only one value) for an attribute. But according documentation, it’s impossible to delete only one of values for facsimileTelephoneNumber attribute!
Note: for deleting all values of facsimileTelephoneNumber attribute, the LDIF change must be:
dn: uid=foo,ou=people,dc=evolix,dc=net changetype: modify delete: facsimileTelephoneNumber