Changes

stoney core: OpenLDAP ldapseach and replace

2,009 bytes added, 15:13, 14 December 2020
Michael moved page [[stoney core - OpenLDAP: ldapseach and replace]] to [[stoney core: OpenLDAP ldapseach and replace]]
</source>
Finally, we need ti to loop over all the distinguished names and replace the original (old) content to the attribute with the new content:
<source lang='bash'>
for dn in $children
<source lang='bash'>
# Set the following bash variables
ldap_attribute="sstMailFromdescription" # The attribute we're interested in. For example: sstMailFromdescriptionldap_attribute_old="Support stepping stone GmbH <support@stepping-stone.ch>" # Original (old) value of the attribute.ldap_attribute_new="Support stepping stone AG <support@stepping-stone.ch>" # The new value, that the original (old) value of the attribute is to be replaced with.ldap_bind_password='' # The password of "cn=Manager,o=stepping-stone,c=ch"
# Don't change these bash variables
-D "$ldap_bind_account" \
-w "$ldap_bind_password" \
"(${ldap_attribute}=*${ldap_attribute_old}*)"
</source>
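Review bot: `-w "$ldap_bind_password"` in the search command puts the password of `cn=Manager,o=stepping-stone,c=ch` on the command line, and the variable block asks the reader to type it into `ldap_bind_password=''`, so it can end up in shell history and be visible in the process list while the command runs. Suggest documenting `-W` (prompt) or `-y <file>` with a file readable only by the operator, both here and for the `ldapmodify` calls further down that reuse the same options.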
The result will contain something like:
<source lang='ldif'>
dn: ousstVirtualMachine=unsuccessful1a08a4b8-8daf-43d7-b7c0-6e92cf7c1db1,ou=templates,uid=5000000virtual machines ,ou=reseller,ou=configuration,ou=b ackupvirtualization,ou=services,o=stepping-stone,c=chdescriptionobjectClass: This leaf contains the quota templates for the (online) backupsersstVirtualizationVirtualMachine vice.objectClass: sstRelationshipobjectClass: sstSpiceobjectClass: labeledURIObject
objectClass: top
objectClasssstClockOffset: organizationalUnitutcobjectClasssstDisplayName: sstTemplateSetupoukvm-1243: unsuccessfulsstMailFrom: Support stepping stone GmbH <support@: CentOS 7 (Zabbix Database)sstMemory: 17179869184sstNode: vm-node-03.stepping-stone.ch>sstMailTemplatesstOnCrash: filedestroysstOnPowerOff:///var/www/selfcare/htdocs/themes/selfcaredestroysstOnReboot: restartsstOSArchitecture: x86_64sstOSBootDevice: hdsstOSMachine: pc-inti440fx-2.stepping1sstOSType: hvmsstStatus: runningsstType: kvmsstVCPU: 10sstVirtualMachine: 1a08a4b8-8daf-43d7-b7c0-6e92cf7c1db1 sstVirtualMachinePool: d9c3cc0c-9ae7-40e5-8fb7-ba5297e835aadescription: kvm-1243: stepping stone.ch/templates/services/backup/unsuccessful/unsuccessful_mailGmbH: CentOS 7 (Zabbix Database)sstMailTemplateFormatSourcesstFeature: txtacpisstMailTemplateFormatTargetsstFeature: txtpaesstMailTemplateResellersstVirtualMachineMode: fileready for usesstVirtualMachineType:///var/www/selfcare/htdocs/themes/selfcare-int.spersistent teppingsstVirtualMachineSubType: ServersstNetworkDomainName: stepping-stone.chsstNetworkHostname: kvm-1243uid: 3733401sstBelongsToCustomerUID: 3723426sstBelongsToPersonUID: 1000000sstBelongsToResellerUID: 2000000sstSpicePort: 5906sstSpicePassword: HCfNmk6sY9PWlabeledURI: ldap:/templates/services/backup/unsuccessful/unsuccessful_mail_ressstVirtualMachine=default,ou=default,ou=default,ou=default eller,ou=linux,ou=virtual machine profiles,ou=virtualization,ou=services,o=steppinsstMailTemplateResellerFormatSource: txt g-stone,c=chsstMailTemplateResellerFormatTargetmember: txtsstVirtualMachine=default,ou=default,ou=default,ou=default,ou=linux,ou =virtual machine profiles,ou=virtualization,ou=services,o=stepping-stone,c=ch
</source>
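Review bot: the sample result prints a complete entry, including an `sstSpicePassword` value and the `sstBelongsTo…UID` attributes, in the documentation. Suggest replacing the value with a placeholder and trimming the sample to the `dn` and the attribute being changed. The search can be limited the same way by naming `"$ldap_attribute"` after the filter, so the full entry is never pulled into the result.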
As we are only interested in Normalize the dn, we add output (without the following two lines to the search aboveldif 80 characters per line restriction):
<source lang='bash'>
| awk '{ if (/^ /) { sub(/^ /, ""); } else printf "\n"; printf "%s", $0 }' \
| awk '/^dn: / { print $2 }'
</source>
-D "$ldap_bind_account" \
-w "$ldap_bind_password" \
"(${ldap_attribute}=*${ldap_attribute_old}*)" \ | awk '{ if (/^ /) { sub(/^ /, ""); } else printf "\n"; printf "%s", $0 }' \ | awk '/^dn: / { print $2 }'
</source>
We need to create an array of the distinguished namesthe complete result:
<source lang='bash'>
childrenresult=$(ldapsearch -LLL -x -s children \
-H "$ldap_server" \
-b "$ldap_base" \
-D "$ldap_bind_account" \
-w "$ldap_bind_password" \
"(${ldap_attribute}=*${ldap_attribute_old}*)" \ | awk '{ if (/^ /) { sub(/^ /, ""); } else printf "\n"; printf "%s", $0 }' \ | awk '/^dn: / { print $2 }'
)
</source>
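Review bot: on the filter line, `awk '/^dn: / { print $2 }'` keeps only the text between the first and second space, so a DN containing a space is cut short (the sample result contains components such as `ou=virtual machine profiles`), and it also discards the `${ldap_attribute}` lines that the following loop reads from `$result`. For the section-replace variant this stage should be dropped; the unwrapping stage before it can be replaced by `-o ldif-wrap=no` on `ldapsearch`.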
Finally, we need ti to loop over all the distinguished names lines of the result and replace a section (part) of the original (old) content to the attribute with the a new contentsection (part):
<source lang='bash'>
for dn in $children="" # Reset the dn to an empty stringcontent="" # Reset the content to an empty stringwhile IFS= read -r line; do if [[ "$line" =~ ^dn.* ]]; then dn=$line fi # Check, if the line starts with the ldap attribute of which we want to replace a part of the content if [[ "$line" =~ ^${ldap_attribute}.* ]]; then new_content=${line//${ldap_attribute_old}/${ldap_attribute_new}} # Replace all matches of ${ldap_attribute_old} with ${ldap_attribute_new}. fi if [ ${#line} -eq 0 ]; then
cat <<EOF | sed 's/^ \{4\}//' | ldapmodify -x \
-H "$ldap_server" \
-D "$ldap_bind_account" \
-w "$ldap_bind_password"
dn: ${dn}
changetype: modify
replace: ${ldap_attribute}
${ldap_attribute}: ${ldap_attribute_newnew_content}
EOF
fidone<<< "$result"if [ ${#dn} -ne 0 ]; then cat <<EOF | sed 's/^ \{4\}//' | ldapmodify -x \ -H "$ldap_server" \ -D "$ldap_bind_account" \ -w "$ldap_bind_password" ${dn} changetype: modify replace: ${ldap_attribute} ${new_content}EOFfi
</source>
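Review bot: inside the loop `dn=$line` stores the whole `dn: …` line, but the here-document in the `if [ ${#line} -eq 0 ]` branch still writes `dn: ${dn}`, which yields `dn: dn: …`; the block after `done` writes `${dn}` alone. Use one form in both places. The reset before the loop also clears `content` while the loop assigns `new_content`; suggest resetting `new_content` instead and clearing both `dn` and `new_content` after each `ldapmodify`, so nothing carries over from one entry to the next.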
=== Search an replace - Replace a section (part) of an attribute - Putting it all together (copy and paste version) ===
<source lang='bash'>
childrenresult=$(ldapsearch -LLL -x -s children \
-H "$ldap_server" \
-b "$ldap_base" \
-D "$ldap_bind_account" \
-w "$ldap_bind_password" \
"(${ldap_attribute}=*${ldap_attribute_old}*)" \ | awk '{ if (/^ /) { sub(/^ /, ""); } else printf "\n"; printf "%s", $0 }' \ | awk '/^dn: / { print $2 }'
)
for dn in $children="" # Reset the dn to an empty stringcontent="" # Reset the content to an empty stringwhile IFS= read -r line; do if [[ "$line" =~ ^dn.* ]]; then dn=$line fi # Check, if the line starts with the ldap attribute of which we want to replace a part of the content if [[ "$line" =~ ^${ldap_attribute}.* ]]; then new_content=${line//${ldap_attribute_old}/${ldap_attribute_new}} # Replace all matches of ${ldap_attribute_old} with ${ldap_attribute_new}. fi if [ ${#line} -eq 0 ]; then
cat <<EOF | sed 's/^ \{4\}//' | ldapmodify -x \
-H "$ldap_server" \
-D "$ldap_bind_account" \
-w "$ldap_bind_password"
dn: ${dn}
changetype: modify
replace: ${ldap_attribute}
${ldap_attribute}: ${ldap_attribute_newnew_content}
EOF
fidone<<< "$result"if [ ${#dn} -ne 0 ]; then cat <<EOF | sed 's/^ \{4\}//' | ldapmodify -x \ -H "$ldap_server" \ -D "$ldap_bind_account" \ -w "$ldap_bind_password" ${dn} changetype: modify replace: ${ldap_attribute} ${ldap_attribute}: ${new_content}EOFfi
</source>
[[Category: OpenLDAP directory]]
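Review bot: in the copy-and-paste version the block after `done` writes `${ldap_attribute}: ${new_content}`, while the step-by-step version above writes `${new_content}` alone. Since `new_content` is built from the full matching line, the attribute name is already in it and the copy-and-paste form doubles it. Separately, `^${ldap_attribute}.*` matches any attribute whose name starts with the same string, as well as a base64 `::` line; anchoring on `^${ldap_attribute}: ` avoids both. The text should also say that `replace:` with a single value drops the other values of a multi-valued attribute.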