|
User Commands | ldapmodrdn(1) |
| ldapmodrdn - ldap modify entry RDN tool |
SYNOPSIS
| ldapmodrdn [-r] [-n] [-v] [-c] [-d debuglevel] [-D binddn] [-w passwd] [-h ldaphost] [-M authentication] [-p ldapport] [-f file] [ dn rdn] |
|
ldapmodrdn opens a connection to an LDAP server, binds, and modifies the RDN of entries. The entry information is read from standard input, from file through the use of the -f option, or from the command-line pair dn and rdn.
|
|
- -c
- Continuous operation mode. Errors are reported, but ldapmodify continues with modifications. The default is to exit after reporting an error.
- -D binddn
- Use the distinguished name binddn to bind to the directory.
- -d debuglevel
- Set the LDAP debugging level. Useful values of debuglevel for ldapmodrdn are:
-
1
- Trace
-
2
- Packets
-
4
- Arguments
-
32
- Filters
-
128
- Access control
To request more than one category of debugging information, add the masks. For example, to request trace and filter information, specify a debuglevel of 33.
- -f file
- Read the entry modification information from file instead of from standard input or the command-line.
- -h ldaphost
- Specify an alternate host on which the slapd server is running.
- -M authentication
- Specifies the authentication mechanism used to bind to the directory.
The default authentication method for ldapmodrdn is simple bind. simple bind sends the password to the server in the clear. The password is subject to snooping if the server is not local. You must use special care when you use this command
with the default authentication method. If your server supports the challenge response method CRAM-MD5 authentication method, you can override the default authentication method by using the -M option with CRAM-MD5 as the value for authentication.
The bind DN and bind password are mandatory with this option.
- -n
- Show what would be done, but don't actually change entries. Useful in conjunction with -v for debugging.
- -p ldapport
- Specify an alternate TCP port where the slapd server is listening.
- -r
- Remove old RDN values from the entry. By default, old values are kept.
- -v
- Use verbose mode, with diagnostics written to standard output.
- -w passwd
- Use passwd as the password for authentication to the directory. When you use -w passwd to specify the password to be used for authentication,
the password is visible to other users of the system by means of the ps command, in script files or in shell history. If you use the ldapmodrdn command without this option, the command will prompt for the password and read it from standard in. When used without the -w option, the password will not be visible to other users.
Input Format
|
If the command-line arguments dn and rdn are given, rdn
replaces the RDN of the entry specified by the DN, dn.
Otherwise, the contents of file (or standard input if the - f option is not specified) must consist of one or more pair of lines:
|
Distinguished Name (DN)
Relative Distinguished Name (RDN)
|
Use one or more blank lines to separate each DN/RDN pair.
|
|
|
The file /tmp/entrymods contains:
|
cn=Modify Me, o=XYZ, c=US
cn=The New Me
|
The command:
|
example% ldapmodify -r -f /tmp/entrymods
|
changes the RDN of the "Modify Me" entry from "Modify Me" to "The New Me" and the old cn, "Modify Me" is removed.
|
|
See attributes(5) for a description of the following attributes:
ATTRIBUTE TYPE | ATTRIBUTE VALUE |
Availability | SUNWcsu |
Stability Level | Evolving |
|
|
Exit status is 0 if no errors occur. Errors result in a non-zero exit status and a diagnostic message being written to standard error.
|
| |