LDAP Tools

OpenLDAP’s set of LDAP client tools can be used to communicate with any LDAPv3 server (see Table B-6).

Table B-6. Command-line options common to ldapsearch, ldapcompare, ldapadd, ldapdelete, ldapmodify, and ldapmodrdn

Option

Description

-d integer

Specifies what debugging information to log. See the loglevel slapd.conf parameter for a listing of log levels.

-D binddn

Specifies the DN to use for binding to the LDAP server.

-e [!]ctrl[=ctrlparam]

Defines an LDAP control to be used on the current operation. See also the -M option for the manageDSAit control.

-f filename

Specifies the file containing the LDIF entries to be used in the operations.

-H URI

Defines the LDAP URI to be used in the connection request.

-I

Enables the SASL “interactive” mode. By default, the client prompts for information only when necessary.

-k

Enables Kerberos 4 authentication.

-K

Enables only the first step of the Kerberos 4 bind for authentication.

-M-MM

Enable the Manager DSA IT control. This option is necessary when modifying an entry that is a referral or an alias. -MM requires that the Manager DSA IT control be supported by the server.

-n

Does not perform the search; just displays what would be done.

-O security_properties

Defines the SASL security properties for authentication. See previous information on the sasl-secprops parameter in slapd.conf.

-P [2|3]

Defines which protocol version to use in the connection (Version 2 or 3). The default ...

Get LDAP System Administration now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial