Cross Reference: /forgerock/opendj2/resource/man/man1/ldapcompare.1

t
Title: ldapcompare
Author:
Generator: DocBook XSL-NS Stylesheets v1.76.1 <http://docbook.sf.net/>
Date: 03/01/2013
Manual: Tools Reference
Source: OpenDJ 2.5.0
Language: English

"LDAPCOMPARE" "1" "03/01/2013" "OpenDJ 2.5.0" "Tools Reference"

-----------------------------------------------------------------
* Define some portability stuff
-----------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://bugs.debian.org/507673
http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----------------------------------------------------------------
* set default formatting
-----------------------------------------------------------------
disable hyphenation
disable justification (adjust text to left margin only)
-----------------------------------------------------------------
* MAIN CONTENT STARTS HERE *
-----------------------------------------------------------------

"NAME"

ldapcompare - perform LDAP compare operations

"SYNOPSIS"

\w'ldapcompare 'u ldapcompare {options} [[attribute] | [:] | [value]] [DN...]

"DESCRIPTION"

This utility can be used to perform LDAP compare operations in the directory.

"OPTIONS"

The following options are supported.

--assertionFilter {filter}

Use the LDAP assertion control with the provided filter

-c, --continueOnError

Continue processing even if there are errors

-f, --filename {file}

LDIF file containing one DN per line of entries to compare

-J, --control {controloid[:criticality[:value|::b64value|:<filePath]]}

Use a request control with the provided information

-m, --useCompareResultCode

Use the LDAP compare result as an exit code for the LDAP compare operations.

-n, --dry-run

Show what would be done but do not perform any operation

"LDAP Connection Options"

--connectTimeout {timeout}

Maximum length of time (in milliseconds) that can be taken to establish a connection. Use \*(Aq0\*(Aq to specify no time out. Default value: 30000

-D, --bindDN {bindDN}

DN to use to bind to the server Default value: cn=Directory Manager

-h, --hostname {host}

Directory server hostname or IP address Default value: localhost.localdomain

-j, --bindPasswordFile {bindPasswordFile}

Bind password file

-K, --keyStorePath {keyStorePath}

Certificate key store path

-N, --certNickname {nickname}

Nickname of certificate for SSL client authentication

-o, --saslOption {name=value}

SASL bind options

-p, --port {port}

Directory server port number Default value: 389

-P, --trustStorePath {trustStorePath}

Certificate trust store path

-q, --useStartTLS

Use StartTLS to secure communication with the server

-r, --useSASLExternal

Use the SASL EXTERNAL authentication mechanism

--trustStorePassword {trustStorePassword}

Certificate trust store PIN

-u, --keyStorePasswordFile {keyStorePasswordFile}

Certificate key store PIN file

-U, --trustStorePasswordFile {path}

Certificate trust store PIN file

-V, --ldapVersion {version}

LDAP protocol version number Default value: 3

-w, --bindPassword {bindPassword}

Password to use to bind to the server

-W, --keyStorePassword {keyStorePassword}

Certificate key store PIN

-X, --trustAll

Trust all server SSL certificates

-Z, --useSSL

Use SSL for secure communication with the server

"Utility Input/Output Options"

-i, --encoding {encoding}

Use the specified character set for command-line input

--noPropertiesFile

No properties file will be used to get default command line argument values

--propertiesFilePath {propertiesFilePath}

Path to the file containing default property values used for command line arguments

-s, --script-friendly

Use script-friendly mode

-v, --verbose

Use verbose mode

"General Options"

--version

Display version information

-?, -H, --help

Display usage information

"EXIT CODES"

0

The command completed successfully.

5

The -m option was used, and at least one of the LDAP compare operations did not match.

6

The -m option was used, and all the LDAP compare operations did match.

ldap-error

An LDAP error occurred while processing the operation. LDAP result codes are described in \m[blue]RFC 4511\m[]. Also see the additional information for details.

89

An error occurred while parsing the command-line arguments.

"FILES"

You can use ~/.opendj/tools.properties to set the defaults for bind DN, host name, and port number as in the following example.

.\}

hostname=directory.example.com
port=1389
bindDN=uid=kvaughan,ou=People,dc=example,dc=com

ldapcompare.port=1389
ldapdelete.port=1389
ldapmodify.port=1389
ldappasswordmodify.port=1389
ldapsearch.port=1389

.\}

"EXAMPLES"

The following examples demonstrate comparing Babs Jensen\*(Aqs UID.

The following example uses a matching UID value.

.\}

$ ldapcompare -p 1389 uid:bjensen uid=bjensen,ou=people,dc=example,dc=com
Comparing type uid with value bjensen in entry
uid=bjensen,ou=people,dc=example,dc=com
Compare operation returned true for entry
uid=bjensen,ou=people,dc=example,dc=com

.\}

The following example uses a UID value that does not match.

.\}

$ ldapcompare -p 1389 uid:beavis uid=bjensen,ou=people,dc=example,dc=com
Comparing type uid with value beavis in entry
uid=bjensen,ou=people,dc=example,dc=com
Compare operation returned false for entry
uid=bjensen,ou=people,dc=example,dc=com

.\}

"COPYRIGHT"

Copyright \(co 2011-2013 ForgeRock AS