7321N/A<?xml version="1.0" encoding="UTF-8"?>
7321N/A<!--
7321N/A ! CCPL HEADER START
7321N/A !
7321N/A ! This work is licensed under the Creative Commons
7321N/A ! Attribution-NonCommercial-NoDerivs 3.0 Unported License.
7321N/A ! To view a copy of this license, visit
7321N/A ! http://creativecommons.org/licenses/by-nc-nd/3.0/
7321N/A ! or send a letter to Creative Commons, 444 Castro Street,
7321N/A ! Suite 900, Mountain View, California, 94041, USA.
7321N/A !
7321N/A ! You can also obtain a copy of the license at
7321N/A ! trunk/opendj3/legal-notices/CC-BY-NC-ND.txt.
7321N/A ! See the License for the specific language governing permissions
7321N/A ! and limitations under the License.
7321N/A !
7321N/A ! If applicable, add the following below this CCPL HEADER, with the fields
7321N/A ! enclosed by brackets "[]" replaced with your own identifying information:
7321N/A ! Portions Copyright [yyyy] [name of copyright owner]
7321N/A !
7321N/A ! CCPL HEADER END
7321N/A !
7321N/A ! Copyright 2011-2014 ForgeRock AS
7321N/A !
7321N/A-->
7321N/A<refentry xml:id='ldapmodify-1'
7321N/A xmlns='http://docbook.org/ns/docbook'
7321N/A version='5.0' xml:lang='en'
7321N/A xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
7321N/A xsi:schemaLocation='http://docbook.org/ns/docbook
7321N/A http://docbook.org/xml/5.0/xsd/docbook.xsd'
7321N/A xmlns:xlink='http://www.w3.org/1999/xlink'>
7321N/A <info><copyright><year>2011-2014</year><holder>ForgeRock AS</holder></copyright></info>
7321N/A <refmeta>
7321N/A <refentrytitle>ldapmodify</refentrytitle><manvolnum>1</manvolnum>
7321N/A <refmiscinfo class="software">OpenDJ</refmiscinfo>
7321N/A <refmiscinfo class="version"><?eval ${docTargetVersion}?></refmiscinfo>
7321N/A </refmeta>
7321N/A <refnamediv>
7321N/A <refname>ldapmodify</refname>
7321N/A <refpurpose>perform LDAP modify, add, delete, mod DN operations</refpurpose>
7321N/A </refnamediv>
7321N/A <refsynopsisdiv>
7321N/A <cmdsynopsis>
7321N/A <command>ldapmodify</command>
7321N/A <arg choice="req">options</arg>
7321N/A </cmdsynopsis>
7321N/A </refsynopsisdiv>
7321N/A <refsect1>
7321N/A <title>Description</title>
7321N/A <para>This utility can be used to perform LDAP modify, add, delete, and
7321N/A modify DN operations in the directory.</para>
7321N/A <para>When not using a file to specify modifications, end your input with
7321N/A EOF (Ctrl+D on UNIX, Ctrl+Z on Windows).</para>
7321N/A </refsect1>
7321N/A <refsect1>
7321N/A <title>Options</title>
7321N/A <para>The following options are supported.</para>
7321N/A <variablelist>
7321N/A <varlistentry>
7321N/A <term><option>-a, --defaultAdd</option></term>
7321N/A <listitem>
7321N/A <para>Treat records with no changetype as add operations</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>--assertionFilter {filter}</option></term>
7321N/A <listitem>
7321N/A <para>Use the LDAP assertion control with the provided filter</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-c, --continueOnError</option></term>
7321N/A <listitem>
7321N/A <para>Continue processing even if there are errors</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-f, --filename {file}</option></term>
7321N/A <listitem>
7321N/A <para>LDIF file containing the changes to apply</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-J, --control {controloid[:criticality[:value|::b64value|:&lt;filePath]]}</option></term>
7321N/A <listitem>
7321N/A <para>Use a request control with the provided information</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-n, --dry-run</option></term>
7321N/A <listitem>
7321N/A <para>Show what would be done but do not perform any operation</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>--postReadAttributes {attrList}</option></term>
7321N/A <listitem>
7321N/A <para>Use the LDAP ReadEntry post-read control</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>--preReadAttributes {attrList}</option></term>
7321N/A <listitem>
7321N/A <para>Use the LDAP ReadEntry pre-read control</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-Y, --proxyAs {authzID}</option></term>
7321N/A <listitem>
7321N/A <para>Use the proxied authorization control with the given authorization
7321N/A ID</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A </variablelist>
7321N/A <refsect2>
7321N/A <title>LDAP Connection Options</title>
7321N/A <variablelist>
7321N/A <varlistentry>
7321N/A <term><option>--connectTimeout {timeout}</option></term>
7321N/A <listitem>
7321N/A <para>Maximum length of time (in milliseconds) that can be taken to
7321N/A establish a connection. Use '0' to specify no time out.</para>
7321N/A <para>Default value: 30000</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-D, --bindDN {bindDN}</option></term>
7321N/A <listitem>
7321N/A <para>DN to use to bind to the server</para>
7321N/A <para>Default value: cn=Directory Manager</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-E, --reportAuthzID</option></term>
7321N/A <listitem>
7321N/A <para>Use the authorization identity control</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-h, --hostname {host}</option></term>
7321N/A <listitem>
7321N/A <para>Directory server hostname or IP address</para>
7321N/A <para>Default value: localhost.localdomain</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-j, --bindPasswordFile {bindPasswordFile}</option></term>
7321N/A <listitem>
7321N/A <para>Bind password file</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-K, --keyStorePath {keyStorePath}</option></term>
7321N/A <listitem>
7321N/A <para> Certificate key store path</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-N, --certNickname {nickname}</option></term>
7321N/A <listitem>
7321N/A <para>Nickname of certificate for SSL client authentication</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-o, --saslOption {name=value}</option></term>
7321N/A <listitem>
7321N/A <para>SASL bind options</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-p, --port {port}</option></term>
7321N/A <listitem>
7321N/A <para>Directory server port number</para>
7321N/A <para>Default value: 389</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-P, --trustStorePath {trustStorePath}</option></term>
7321N/A <listitem>
7321N/A <para>Certificate trust store path</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-q, --useStartTLS</option></term>
7321N/A <listitem>
7321N/A <para>Use StartTLS to secure communication with the server</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-r, --useSASLExternal</option></term>
7321N/A <listitem>
7321N/A <para>Use the SASL EXTERNAL authentication mechanism</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>--trustStorePassword {trustStorePassword}</option></term>
7321N/A <listitem>
7321N/A <para>Certificate trust store PIN</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-u, --keyStorePasswordFile {keyStorePasswordFile}</option></term>
7321N/A <listitem>
7321N/A <para>Certificate key store PIN file</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-U, --trustStorePasswordFile {path}</option></term>
7321N/A <listitem>
7321N/A <para>Certificate trust store PIN file</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-V, --ldapVersion {version}</option></term>
7321N/A <listitem>
7321N/A <para>LDAP protocol version number</para>
7321N/A <para>Default value: 3</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-w, --bindPassword {bindPassword}</option></term>
7321N/A <listitem>
7321N/A <para>Password to use to bind to the server</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-W, --keyStorePassword {keyStorePassword}</option></term>
7321N/A <listitem>
7321N/A <para>Certificate key store PIN</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-X, --trustAll</option></term>
7321N/A <listitem>
7321N/A <para>Trust all server SSL certificates</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-Z, --useSSL</option></term>
7321N/A <listitem>
7321N/A <para>Use SSL for secure communication with the server</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A </variablelist>
7321N/A </refsect2>
7321N/A <refsect2>
7321N/A <title>Utility Input/Output Options</title>
7321N/A <variablelist>
7321N/A <varlistentry>
7321N/A <term><option>-i, --encoding {encoding}</option></term>
7321N/A <listitem>
7321N/A <para>Use the specified character set for command-line input</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>--noPropertiesFile</option></term>
7321N/A <listitem>
7321N/A <para>No properties file will be used to get default command line
7321N/A argument values</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>--propertiesFilePath {propertiesFilePath}</option></term>
7321N/A <listitem>
7321N/A <para>Path to the file containing default property values used for
7321N/A command line arguments</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-v, --verbose</option></term>
7321N/A <listitem>
7321N/A <para>Use verbose mode</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A </variablelist>
7321N/A </refsect2>
7321N/A <refsect2>
7321N/A <title>General Options</title>
7321N/A <variablelist>
7321N/A <varlistentry>
7321N/A <term><option>--version</option></term>
7321N/A <listitem>
7321N/A <para>Display version information</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><option>-?, -H, --help</option></term>
7321N/A <listitem>
7321N/A <para>Display usage information</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A </variablelist>
7321N/A </refsect2>
7321N/A </refsect1>
7321N/A <refsect1>
7321N/A <title>Exit Codes</title>
7321N/A <variablelist>
7321N/A <varlistentry>
7321N/A <term>0</term>
7321N/A <listitem>
7321N/A <para>The command completed successfully.</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term><replaceable>ldap-error</replaceable></term>
7321N/A <listitem>
7321N/A <para>An LDAP error occurred while processing the operation.</para>
7321N/A <para>LDAP result codes are described in <link
7321N/A xlink:href="http://tools.ietf.org/html/rfc4511#appendix-A">RFC
7321N/A 4511</link>. Also see the additional information for details.</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A <varlistentry>
7321N/A <term>89</term>
7321N/A <listitem>
7321N/A <para>An error occurred while parsing the command-line arguments.</para>
7321N/A </listitem>
7321N/A </varlistentry>
7321N/A </variablelist>
7321N/A </refsect1>
7321N/A <refsect1>
7321N/A <title>Files</title>
7321N/A <para>You can use <filename>~/.opendj/tools.properties</filename> to set
7321N/A the defaults for bind DN, host name, and port number as in the following
7321N/A example.</para>
7321N/A <programlisting language="ini">
7321N/Ahostname=directory.example.com
7321N/Aport=1389
7321N/AbindDN=uid=kvaughan,ou=People,dc=example,dc=com
7321N/A
7321N/Aldapcompare.port=1389
7321N/Aldapdelete.port=1389
7321N/Aldapmodify.port=1389
7321N/Aldappasswordmodify.port=1389
7321N/Aldapsearch.port=1389
7321N/A </programlisting>
7321N/A </refsect1>
7321N/A <refsect1>
7321N/A <title>Examples</title>
7321N/A <para>The following example demonstrates use of the command to add an entry
7321N/A to the directory.</para>
7321N/A
7321N/A <screen>
7321N/A$ <userinput>cat newuser.ldif</userinput>
7321N/A<computeroutput>dn: uid=newuser,ou=People,dc=example,dc=com
7321N/Auid: newuser
7321N/AfacsimileTelephoneNumber: +1 408 555 1213
7321N/AobjectClass: person
7321N/AobjectClass: organizationalPerson
7321N/AobjectClass: inetOrgPerson
7321N/AobjectClass: posixAccount
7321N/AobjectClass: top
7321N/AgivenName: New
7321N/Acn: New User
7321N/Acn: Real Name
7321N/AtelephoneNumber: +1 408 555 1212
7321N/Asn: Jensen
7321N/AroomNumber: 1234
7321N/AhomeDirectory: /home/newuser
7321N/AuidNumber: 10389
7321N/Amail: newuser@example.com
7321N/Al: South Pole
7321N/Aou: Product Development
7321N/Aou: People
7321N/AgidNumber: 10636</computeroutput>
7321N/A
7321N/A$ <userinput>ldapmodify -p 1389 -a -f newuser.ldif \
7321N/A -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery</userinput>
7321N/A<computeroutput>Processing ADD request for uid=newuser,ou=People,dc=example,dc=com
7321N/AADD operation successful for DN uid=newuser,ou=People,dc=example,dc=com</computeroutput>
7321N/A </screen>
7321N/A
7321N/A <para>The following example demonstrates adding a Description attribute
7321N/A to the new user's entry.</para>
7321N/A
7321N/A <screen>
7321N/A$ <userinput>cat newdesc.ldif</userinput>
7321N/A<computeroutput>dn: uid=newuser,ou=People,dc=example,dc=com
7321N/Achangetype: modify
7321N/Aadd: description
7321N/Adescription: A new user's entry</computeroutput>
7321N/A
7321N/A$ <userinput>ldapmodify -p 1389 -f newdesc.ldif \
7321N/A -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery</userinput>
7321N/A<computeroutput>Processing MODIFY request for uid=newuser,ou=People,dc=example,dc=com
7321N/AMODIFY operation successful for DN uid=newuser,ou=People,dc=example,dc=com</computeroutput>
7321N/A </screen>
7321N/A
7321N/A <para>The following example demonstrates changing the Description attribute
7321N/A for the new user's entry.</para>
7321N/A
7321N/A <screen>
7321N/A$ <userinput>cat moddesc.ldif</userinput>
7321N/A<computeroutput>dn: uid=newuser,ou=People,dc=example,dc=com
7321N/Achangetype: modify
7321N/Areplace: description
7321N/Adescription: Another description</computeroutput>
7321N/A
7321N/A$ <userinput>ldapmodify -p 1389 -f moddesc.ldif \
7321N/A -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery</userinput>
7321N/A<computeroutput>Processing MODIFY request for uid=newuser,ou=People,dc=example,dc=com
7321N/AMODIFY operation successful for DN uid=newuser,ou=People,dc=example,dc=com</computeroutput>
7321N/A </screen>
7321N/A
7321N/A <para>The following example demonstrates deleting the new user's entry.</para>
7321N/A
7321N/A <screen>
7321N/A$ <userinput>cat deluser.ldif</userinput>
7321N/A<computeroutput>dn: uid=newuser,ou=People,dc=example,dc=com
7321N/Achangetype: delete</computeroutput>
7321N/A
7321N/A$ <userinput>ldapmodify -p 1389 -f deluser.ldif \
7321N/A -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery</userinput>
7321N/A<computeroutput>Processing DELETE request for uid=newuser,ou=People,dc=example,dc=com
7321N/ADELETE operation successful for DN uid=newuser,ou=People,dc=example,dc=com</computeroutput>
7321N/A </screen>
7321N/A </refsect1>
7321N/A</refentry>