Cross Reference: /forgerock/opendj2/resource/man/man1/ldapmodify.1

t
Title: ldapmodify
Author:
Generator: DocBook XSL-NS Stylesheets v1.76.1 <http://docbook.sf.net/>
Date: 03/21/2012
Manual: Tools Reference
Source: OpenDJ 2.5.0
Language: English

"LDAPMODIFY" "1" "03/21/2012" "OpenDJ 2.5.0" "Tools Reference"

-----------------------------------------------------------------
* Define some portability stuff
-----------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://bugs.debian.org/507673
http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----------------------------------------------------------------
* set default formatting
-----------------------------------------------------------------
disable hyphenation
disable justification (adjust text to left margin only)
-----------------------------------------------------------------
* MAIN CONTENT STARTS HERE *
-----------------------------------------------------------------

"NAME"

ldapmodify - perform LDAP modify, add, delete, mod DN operations

"SYNOPSIS"

\w'ldapmodify 'u ldapmodify {options}

"DESCRIPTION"

This utility can be used to perform LDAP modify, add, delete, and modify DN operations in the directory.

When not using a file to specify modifications, end your input with EOF (Ctrl+D on UNIX, Ctrl+Z on Windows).

"OPTIONS"

The following options are supported.

-a, --defaultAdd

Treat records with no changetype as add operations

--assertionFilter {filter}

Use the LDAP assertion control with the provided filter

-c, --continueOnError

Continue processing even if there are errors

-f, --filename {file}

LDIF file containing the changes to apply

-J, --control {controloid[:criticality[:value|::b64value|:<filePath]]}

Use a request control with the provided information

-n, --dry-run

Show what would be done but do not perform any operation

--postReadAttributes {attrList}

Use the LDAP ReadEntry post-read control

--preReadAttributes {attrList}

Use the LDAP ReadEntry pre-read control

-Y, --proxyAs {authzID}

Use the proxied authorization control with the given authorization ID

"LDAP Connection Options"

--connectTimeout {timeout}

Maximum length of time (in milliseconds) that can be taken to establish a connection. Use \*(Aq0\*(Aq to specify no time out. Default value: 30000

-D, --bindDN {bindDN}

DN to use to bind to the server Default value: cn=Directory Manager

-E, --reportAuthzID

Use the authorization identity control

-h, --hostname {host}

Directory server hostname or IP address Default value: localhost.localdomain

-j, --bindPasswordFile {bindPasswordFile}

Bind password file

-K, --keyStorePath {keyStorePath}

Certificate key store path

-N, --certNickname {nickname}

Nickname of certificate for SSL client authentication

-o, --saslOption {name=value}

SASL bind options

-p, --port {port}

Directory server port number Default value: 389

-P, --trustStorePath {trustStorePath}

Certificate trust store path

-q, --useStartTLS

Use StartTLS to secure communication with the server

-r, --useSASLExternal

Use the SASL EXTERNAL authentication mechanism

--trustStorePassword {trustStorePassword}

Certificate trust store PIN

-u, --keyStorePasswordFile {keyStorePasswordFile}

Certificate key store PIN file

-U, --trustStorePasswordFile {path}

Certificate trust store PIN file

-V, --ldapVersion {version}

LDAP protocol version number Default value: 3

-w, --bindPassword {bindPassword}

Password to use to bind to the server

-W, --keyStorePassword {keyStorePassword}

Certificate key store PIN

-X, --trustAll

Trust all server SSL certificates

-Z, --useSSL

Use SSL for secure communication with the server

"Utility Input/Output Options"

-i, --encoding {encoding}

Use the specified character set for command-line input

--noPropertiesFile

No properties file will be used to get default command line argument values

--propertiesFilePath {propertiesFilePath}

Path to the file containing default property values used for command line arguments

-v, --verbose

Use verbose mode

"General Options"

--version

Display version information

-?, -H, --help

Display usage information

"EXIT CODES"

0

The command completed successfully.

ldap-error

An LDAP error occurred while processing the operation. LDAP result codes are described in \m[blue]RFC 4511\m[]. Also see the additional information for details.

89

An error occurred while parsing the command-line arguments.

"FILES"

You can use ~/.opendj/tools.properties to set the defaults for bind DN, host name, and port number as in the following example.

.\}

hostname=directory.example.com
port=1389
bindDN=uid=kvaughan,ou=People,dc=example,dc=com

ldapcompare.port=1389
ldapdelete.port=1389
ldapmodify.port=1389
ldappasswordmodify.port=1389
ldapsearch.port=1389

.\}

"EXAMPLES"

The following example demonstrates use of the command to add an entry to the directory.

.\}

$ cat newuser.ldif 
dn: uid=newuser,ou=People,dc=example,dc=com
uid: newuser
facsimileTelephoneNumber: +1 408 555 1213
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
givenName: New
cn: New User
cn: Real Name
telephoneNumber: +1 408 555 1212
sn: Jensen
roomNumber: 1234
homeDirectory: /home/newuser
uidNumber: 10389
mail: newuser@example.com
l: South Pole
ou: Product Development
ou: People
gidNumber: 10636

$ ldapmodify -p 1389 -a -f newuser.ldif
 -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery
Processing ADD request for uid=newuser,ou=People,dc=example,dc=com
ADD operation successful for DN uid=newuser,ou=People,dc=example,dc=com

.\}

The following example demonstrates adding a Description attribute to the new user\*(Aqs entry.

.\}

$ cat newdesc.ldif 
dn: uid=newuser,ou=People,dc=example,dc=com
changetype: modify
add: description
description: A new user\*(Aqs entry

$ ldapmodify -p 1389 -f newdesc.ldif
 -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery
Processing MODIFY request for uid=newuser,ou=People,dc=example,dc=com
MODIFY operation successful for DN uid=newuser,ou=People,dc=example,dc=com

.\}

The following example demonstrates changing the Description attribute for the new user\*(Aqs entry.

.\}

$ cat moddesc.ldif 
dn: uid=newuser,ou=People,dc=example,dc=com
changetype: modify
replace: description
description: Another description

$ ldapmodify -p 1389 -f moddesc.ldif
 -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery
Processing MODIFY request for uid=newuser,ou=People,dc=example,dc=com
MODIFY operation successful for DN uid=newuser,ou=People,dc=example,dc=com

.\}

The following example demonstrates deleting the new user\*(Aqs entry.

.\}

$ cat deluser.ldif 
dn: uid=newuser,ou=People,dc=example,dc=com
changetype: delete

$ ldapmodify -p 1389 -f deluser.ldif
 -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery
Processing DELETE request for uid=newuser,ou=People,dc=example,dc=com
DELETE operation successful for DN uid=newuser,ou=People,dc=example,dc=com

.\}

"COPYRIGHT"

Copyright \(co 2011-2012 ForgeRock AS