LDAP Database--ldapsearch,ldapmodify

A brief introduction to the Ldapsearch command is useful when searching for an entry in LDAP, as long as you adjust the filter appropriately.

The command is as follows:

Ldapsearch-h hostname-p port-b basedn-d bind_dn [options] filter [attribute] ...

Parameter description:

-H: Host name or IP address

-P: Port number

-b:suffix DN

-D: Users using search bindings

Other parameters are generally seldom used. Here are a few examples to look at:

1) Search All entries:

Ldapsearch-h host-b "dc=example,dc=com" "(objectclass=*)"

2) search for entries in CN for the specified name

Ldapsearch-h host-b "dc=example,dc=com" "(Cn=babs Jensen)"

3) Search using the filter file

Filter file Contents:

Sn=francis

Givenname=barbara

Specify search:

Ldapsearch-b "dc=example,dc=com"-H Host-f filters CN uid

4) Fuzzy query, UID contains the entry of test

Ldapsearch-h host-b "dc=example,dc=com" "(uid=*test*)"

5) satisfies multiple attributes at the same time, the UID contains the entry test,givenname contains test

Ldapsearch-h host-b "dc=example,dc=com" "(| ( uid=*test*) (givenname=*test*)) "

The writing rules for filter here are the same as those in ACI's filter.

With ldapmodify You can change the entry properties, the following is a brief introduction, ldapmodify in the Add, delete, update, change the operation of the DN

1, add entries, when using Ldapmodify to add entries, you can manually enter all the attributes of the entry to be added, you can also use the way to add the file;

The contents of the file are as follows (ADD.LDIF): The required attributes, such as UID,CN,SN, must be written in full when editing the file.

Dn:uid=bcubbins,ou=people,dc=example,dc=com
Objectclass:top
Objectclass:person
Objectclass:organizationalperson
Objectclass:inetorgperson
Uid:bcubbins
Givenname:bartholomew
Sn:cubbins
Cn:bartholomew Cubbins
Mail: [Email protected]
Userpassword:bcubbins
Facsimiletelephonenumber: +1 234 567 8910

Use the command:

Ldapmodify-a-H host-d uid=bjensen,ou=people,dc=example,dc=com-w-F add.ldif

If you are not using a file, you will need to manually enter the contents below the command line and press ENTER when finished. For example:

Dn:uid=bcubbins,ou=people,dc=example,dc=com

changetype:Add

Objectclass:top
Objectclass:person
Objectclass:organizationalperson
Objectclass:inetorgperson
Uid:bcubbins
Givenname:bartholomew
Sn:cubbins
Cn:bartholomew Cubbins
....

　　

2, repair the entry, modify the entry and delete the entry operation similar

Modify by File:

Dn:uid=bcubbins,ou=people,dc=example,dc=com

Changetype:modify
Add:description
Description:added with Ldapmodify
-
Replace:mail
Mail: [Email protected]

Execute ldapmodify command

Ldapmodify-h host-c-v-d uid=bjensen,ou=people,dc=example,dc=com-w-F modify.ldif

If you do not modify the file, you need to manually enter all the red font content

3, delete entries, delete entries can be deleted by specifying the contents of the file, manually enter the need to delete the entry

Ldapmodify-h host-d Uid=bjensen,ou=people,dc=example,dc=com-w-

Dn:uid=bcubbins,ou=people,dc=example,dc=com
changetype: Delete
Deleting entry uid=bcubbins,ou=people,dc=example,dc=com

4, move the entry, that is, change the entry Uid,dn

Ldapmodify-h host-d Uid=hmiller,ou=people,dc=example,dc=com-w-

changetype: Modrdn
Newrdn:uid=jwallace
deleteoldrdn:0
Newsuperior:ou=special users,dc=example,dc=com

Deleteoldrdn:0, retain the original dn;1, delete the original DN. Import and export permissions are required to move the item again.

LDAP Database--ldapsearch,ldapmodify