Active Directory LDAP move user to different OU - Ruby


I have hit a snag in my integration with Active Directory. I need to be able to move users from one OU to another. I'm using net-ldap 0.5.0, which is on the GitHub master branch, and I dug around in the source code and found out you could do this:

    $ldap.rename(
      olddn: "cn=bradford ricechip,ou=agents,ou=ihs,ou=test environment,dc=ctatechs,dc=com",
      newrdn: "cn=bradford ricechip",
      new_superior: "ou=coach,ou=ihs,ou=test environment,dc=ctatechs,dc=com"
    )

I'm getting: #<OpenStruct code=53, error_message="00000057: LdapErr: DSID-0C090A95, comment: Old RDN must be deleted, data 0, v1772\x00", matched_dn="", message="Unwilling to perform">. I guess I don't understand how I can delete the old RDN then move the user to a new OU.

This is the only issue I'm having. If I need to provide anything else just let me know. Thanks in advance for all of the help!

Answer by David Hahn (best answer)

This is how we solved it:

    @ldap.rename(
      olddn: user.dn,
      newrdn: "CN=#{user.cn}",
      delete_attributes: true,
      new_superior: "#{new_ou}"
    )

We also used the version of ldap-ruby on GitHub, not the version on RubyGems.
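
An added example, not part of the original question or answer: a pure-Ruby way to build the `rename` arguments for an OU move. It takes the RDN from the entry's current DN, so a CN containing an escaped comma keeps its escaping, and it always sets `delete_attributes: true`, which is what the error in the question asks for. The helper names `split_dn` and `move_args` are hypothetical, and the `example.com` DNs are constructed sample values.

```ruby
# Split a DN into RDN components, honouring backslash-escaped characters
# such as "\," (RFC 4514 string form).
def split_dn(dn)
  parts = []
  current = +""
  escaped = false
  dn.each_char do |ch|
    if escaped
      current << ch
      escaped = false
    elsif ch == "\\"
      current << ch
      escaped = true
    elsif ch == ","
      parts << current.lstrip
      current = +""
    else
      current << ch
    end
  end
  parts << current.lstrip
end

# Hypothetical helper: returns the hash to pass to Net::LDAP#rename.
# The RDN is reused unchanged from the current DN; delete_attributes is
# always true because the server in the question refuses the request
# otherwise ("Old RDN must be deleted", result code 53).
def move_args(current_dn, target_ou_dn)
  rdn, *parent = split_dn(current_dn)
  raise ArgumentError, "DN has no parent: #{current_dn}" if parent.empty?
  if parent.join(",").casecmp?(split_dn(target_ou_dn).join(","))
    raise ArgumentError, "entry is already in #{target_ou_dn}"
  end
  { olddn: current_dn, newrdn: rdn,
    delete_attributes: true, new_superior: target_ou_dn }
end

# Constructed sample input: a CN that contains an escaped comma.
args = move_args("CN=Ricechip\\, Bradford,OU=Agents,DC=example,DC=com",
                 "OU=Coach,DC=example,DC=com")
puts args.inspect
# With a bound Net::LDAP object (assumed here as `ldap`):
#   ldap.rename(args)
#   ldap.get_operation_result.code == 0   # confirm the move succeeded
```

Checking `get_operation_result` after the call matters because `rename` reports failures such as code 53 through the result object rather than by raising.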