RSA Security 6.1 Server User Manual


 
92 Using the LDAP Configuration Interface September 2005
NOTE: You can also use the -h option with ldapmodify to specify the name
of a remote host on which the LDAP interface is available. Run the LDAP
utilities remotely only if you are convinced that unauthorized snooping on the
network between the LDAP client and server is not an issue.
The difference in syntax between the LDIF files generated by ldapsearch and
those required for input to ldapmodify is that the ldapmodify input files
must contain a changetype entry immediately following each dn entry in the
file. The changetype entry specifies how to use the data to change the LDAP
database.
The full syntax for changetype within each transaction is as follows:
dn: distinguished-name-of-entry
changetype: keyword
subkeyword: attribute
attribute: value
changetype: keyword
subkeyword: attribute
attribute: value
changetype: keyword
subkeyword: attribute
attribute: value
.
.
.
where:
keyword can be add, modify, or delete;
subkeyword can be (respectively): add, replace, or delete;
attribute can be any LDAP attribute in the entry;
value is the value to assign to the attribute.
Repeated changetype: keyword entries are not required within a transaction
unless you change the keyword. From top to bottom within the transaction, the
latest keyword applies until another changetype: keyword entry is provided.
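
A pre-flight check for the rule described above, as an added example that is not from the manual: it reports every dn line in an LDIF file that is not immediately followed by a changetype line carrying one of the three keywords, which is the case when ldapsearch output is fed to ldapmodify unchanged. The DNs, attribute names and the function names check_ldif and logical_lines are constructed for illustration; the handling of comment lines and folded lines follows standard LDIF and is an assumption about this server's files.

```python
VALID_KEYWORDS = {"add", "modify", "delete"}   # keywords listed in the manual

# Constructed sample: shaped like ldapsearch output (no changetype lines).
SEARCH_OUTPUT = """\
dn: cn=alpha,o=example
description: first

dn: cn=beta,o=example
description: second
"""

# Constructed sample: the same entries prepared as ldapmodify input.
MODIFY_INPUT = """\
dn: cn=alpha,o=example
changetype: modify
replace: description
description: updated

dn: cn=beta,o=example
changetype: delete
"""

def logical_lines(text):
    """Yield (line_number, line): folded lines joined, comment lines dropped."""
    current, start = None, 0
    for number, raw in enumerate(text.splitlines(), 1):
        if raw.startswith(" ") and current is not None:
            current += raw[1:]            # continuation of the previous line
            continue
        if current is not None and not current.startswith("#"):
            yield start, current
        current, start = raw, number
    if current is not None and not current.startswith("#"):
        yield start, current

def check_ldif(text):
    """Return [(line_number, message)]; an empty list means the rule holds."""
    problems = []
    lines = list(logical_lines(text))
    for i, (number, line) in enumerate(lines):
        if line.partition(":")[0].strip().lower() != "dn":
            continue
        following = lines[i + 1][1] if i + 1 < len(lines) else ""
        name, _, keyword = following.partition(":")
        if name.strip().lower() != "changetype":
            problems.append((number, "dn is not immediately followed by changetype"))
        elif keyword.strip().lower() not in VALID_KEYWORDS:
            problems.append((number, "unknown changetype keyword: " + keyword.strip()))
    return problems

if __name__ == "__main__":
    for label, sample in (("search output", SEARCH_OUTPUT), ("modify input", MODIFY_INPUT)):
        print(label, check_ldif(sample) or "ok")
```
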
Table 18. Modifying Records Using the ldapmodify Command (Continued)

ldapmodify Option   Meaning
-w radadmin         The command is providing an authentication password of
                    radadmin.
                    NOTE: The -w parameter value (in this case, radadmin) must
                    match the password of the account named by the -D
                    parameter.
-f filename         This is the input LDIF file to process.