I want to use Node.js ldapjs client api #modify to delete an attribute of an LDAP entry.
Via shell and ldapmodify ... -f removeAttribute.ldif it works, using the following ldif file:
dn: uid=user,dc=test
changetype: modify
delete: myAttribute
Following the ldapjs documentation I have to use operation 'delete' and to add the attribute to modification (...Deletes the attribute (and all values) referenced in modification...).
If I try to do that using ldapjs, I get errors.
let dn = 'uid=user,dc=test';
let change = { operation : 'delete', modification: { myAttribute: null } ;
client.modify(dn, change, err => { ... });
... leads to error Cannot read property 'toString' of null
let dn = 'uid=user,dc=test';
let change = { operation : 'delete', modification: { myAttribute: oldValue } };
client.modify(dn, change, err => { ... });
... leads to InappropriateMatchingError
So my question: how I have to prepare the change object, if I want to delete an attribute?
It seems, that the reason is a bug inside ldapjs/change.js. If a value is given for a delete operation on a non multi-valued attribute, the LDAP-server will deny execution. If you set the value to null or undefined in the change object, ldapjs will throw an error, because the toString() method cannot be used on null or undefined.
I have fixed that piece of code, and now it works. See the ldapjs GitHub pull request 435.
The modification value can now be set to undefined or null. That leads to a request without any attribute value. This request is accepted and executed by the LDAP server, the attribute is deleted.
let change = { operation : 'delete', modification: { attributeName : undefined }};
client.modify(dn, change, (err, res) => { ... });