2011-2012ForgeRock AS ldapmodify1 OpenDJ ldapmodify perform LDAP modify, add, delete, mod DN operations ldapmodify options This utility can be used to perform LDAP modify, add, delete, and modify DN operations in the directory. When not using a file to specify modifications, end your input with EOF (Ctrl+D on UNIX, Ctrl+Z on Windows). The following options are supported. -a, --defaultAdd Treat records with no changetype as add operations --assertionFilter {filter} Use the LDAP assertion control with the provided filter -c, --continueOnError Continue processing even if there are errors -f, --filename {file} LDIF file containing the changes to apply -J, --control {controloid[:criticality[:value|::b64value|:<filePath]]} Use a request control with the provided information -n, --dry-run Show what would be done but do not perform any operation --postReadAttributes {attrList} Use the LDAP ReadEntry post-read control --preReadAttributes {attrList} Use the LDAP ReadEntry pre-read control -Y, --proxyAs {authzID} Use the proxied authorization control with the given authorization ID --connectTimeout {timeout} Maximum length of time (in milliseconds) that can be taken to establish a connection. Use '0' to specify no time out. Default value: 30000 -D, --bindDN {bindDN} DN to use to bind to the server Default value: cn=Directory Manager -E, --reportAuthzID Use the authorization identity control -h, --hostname {host} Directory server hostname or IP address Default value: localhost.localdomain -j, --bindPasswordFile {bindPasswordFile} Bind password file -K, --keyStorePath {keyStorePath} Certificate key store path -N, --certNickname {nickname} Nickname of certificate for SSL client authentication -o, --saslOption {name=value} SASL bind options -p, --port {port} Directory server port number Default value: 389 -P, --trustStorePath {trustStorePath} Certificate trust store path -q, --useStartTLS Use StartTLS to secure communication with the server -r, --useSASLExternal Use the SASL EXTERNAL authentication mechanism --trustStorePassword {trustStorePassword} Certificate trust store PIN -u, --keyStorePasswordFile {keyStorePasswordFile} Certificate key store PIN file -U, --trustStorePasswordFile {path} Certificate trust store PIN file -V, --ldapVersion {version} LDAP protocol version number Default value: 3 -w, --bindPassword {bindPassword} Password to use to bind to the server -W, --keyStorePassword {keyStorePassword} Certificate key store PIN -X, --trustAll Trust all server SSL certificates -Z, --useSSL Use SSL for secure communication with the server -i, --encoding {encoding} Use the specified character set for command-line input --noPropertiesFile No properties file will be used to get default command line argument values --propertiesFilePath {propertiesFilePath} Path to the file containing default property values used for command line arguments -v, --verbose Use verbose mode --version Display version information -?, -H, --help Display usage information 0 The command completed successfully. ldap-error An LDAP error occurred while processing the operation. LDAP result codes are described in RFC 4511. Also see the additional information for details. 89 An error occurred while parsing the command-line arguments. You can use ~/.opendj/tools.properties to set the defaults for bind DN, host name, and port number as in the following example. hostname=directory.example.com port=1389 bindDN=uid=kvaughan,ou=People,dc=example,dc=com ldapcompare.port=1389 ldapdelete.port=1389 ldapmodify.port=1389 ldappasswordmodify.port=1389 ldapsearch.port=1389 The following example demonstrates use of the command to add an entry to the directory. $ cat newuser.ldif dn: uid=newuser,ou=People,dc=example,dc=com uid: newuser facsimileTelephoneNumber: +1 408 555 1213 objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top givenName: New cn: New User cn: Real Name telephoneNumber: +1 408 555 1212 sn: Jensen roomNumber: 1234 homeDirectory: /home/newuser uidNumber: 10389 mail: newuser@example.com l: South Pole ou: Product Development ou: People gidNumber: 10636 $ ldapmodify -p 1389 -a -f newuser.ldif -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery Processing ADD request for uid=newuser,ou=People,dc=example,dc=com ADD operation successful for DN uid=newuser,ou=People,dc=example,dc=com The following example demonstrates adding a Description attribute to the new user's entry. $ cat newdesc.ldif dn: uid=newuser,ou=People,dc=example,dc=com changetype: modify add: description description: A new user's entry $ ldapmodify -p 1389 -f newdesc.ldif -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery Processing MODIFY request for uid=newuser,ou=People,dc=example,dc=com MODIFY operation successful for DN uid=newuser,ou=People,dc=example,dc=com The following example demonstrates changing the Description attribute for the new user's entry. $ cat moddesc.ldif dn: uid=newuser,ou=People,dc=example,dc=com changetype: modify replace: description description: Another description $ ldapmodify -p 1389 -f moddesc.ldif -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery Processing MODIFY request for uid=newuser,ou=People,dc=example,dc=com MODIFY operation successful for DN uid=newuser,ou=People,dc=example,dc=com The following example demonstrates deleting the new user's entry. $ cat deluser.ldif dn: uid=newuser,ou=People,dc=example,dc=com changetype: delete $ ldapmodify -p 1389 -f deluser.ldif -D uid=kvaughan,ou=people,dc=example,dc=com -w bribery Processing DELETE request for uid=newuser,ou=People,dc=example,dc=com DELETE operation successful for DN uid=newuser,ou=People,dc=example,dc=com