Import user-pictures (jpegPhoto-Attr)

UCS - Univention Corporate Server
,
#1

I wrote a script to import user and groups by LDIF-exports from an old UCS.

The script parses groups and users in the LDIF into udm-commands.

I sorted out all problems so far, except the user-picture, where the command always breaks with error: Argument list too long

udm users/user modify --dn "[user-dn]" --set jpegPhoto="[base64-encoded jpeg]"

The pictures are about 50 KB to 150 KB (+base64-encoding overhead).

Is there a way to successfully import the user-picture by console command?

Or is there another way to import the user-pictures without manually upload every single one?

#2

Hey,

the only way to circumvent the command line argument length limit is to put fewer data on it. Programs that require huge amounts of data usually allow the user to specify file names to read that data from in addition to specifying said data directory on the command line.

Unfortunately looking at the code for the Univention Directory Manager daemon it seems clear that there’s no way to specify a file name to read the data from. The argument to --set is split into two parts, and the second part is then taken as-is (after re-coding it to UTF-8) as the value (see /usr/share/pyshared/univention/admincli/admin.py, lines 627 and following).

You could file an enhancement request for such a feature.

Note that shells offer ways of reading command line arguments from files, e.g. someprogram $(</path/to/file). This won’t work as it’s the shell that reads the file, not the program itself; therefore the file’s size still counts against the argument length limit.

1 Like
#3

The scripts we used for LDIF-imports utilized a combination of udm-cli as well as ldapmodify (especially for the base64-values like jpegPhoto).

hth,
Dirk

1 Like
#4

Yeah. ldapmodify with LDIF files is the obvious way to go, as Dirk said. Sorry I forgot to mention it.

1 Like
#5

Thanks for your inputs, i tried ldapmodify before, but had auth-problems…

I managed to solve the problem with:

echo "version: 1
dn: [USER-DN]
changetype: modify
add: jpegPhoto
jpegphoto:< file:[USERNAME].jpg
" | ldapmodify -x -D cn=admin,$(ucr get ldap/base) -y /etc/ldap.secret
1 Like
Mastodon