A table is a convenient way to explain the common LDAP keywords: it is easy to memorize, easy to compare, and easy to find again later, so I have reposted it here. Original address: http://blog.csdn.net/reblue520/article/details/51804162
Explanation of common LDAP names
[Image: table of common LDAP keywords]
The following is a summary of commonly used OpenLDAP commands. It seems fairly complete, so I am recording it here; the original is at: http://blog.csdn.net/zouahaijun/article/details/4503330
Introduction to common commands
slapd
-4 use the IPv4 standard
-6 use the IPv6 standard
-d debug mode; commonly used values are -1, 1, 256
-f specify the path to the configuration file
-h specify the port on which to start the service; ldap://:2004 starts the service on port 2004
slurpd
-d debug mode; generally 4
-f specify the configuration file
-r specify the replication log file
ldapadd
-x use simple authentication
-D the DN used to bind to the server
-h directory service address
-w password for the bind DN
-f add entries from an LDIF file
Example: ldapadd -x -D "cn=root,dc=starxing,dc=com" -w secret -f /root/test.ldif
ldapadd -x -D "cn=root,dc=starxing,dc=com" -w secret (written this way, the entries to add are typed on the command line)
ldapsearch
-x use simple authentication
-D the DN used to bind to the server
-w password for the bind DN
-b specify the root node to query
-h the server you want to query
Example: ldapsearch -x -D "cn=root,dc=starxing,dc=com" -w secret -b "dc=starxing,dc=com"
This uses simple authentication, binds as "cn=root,dc=starxing,dc=com", and queries from the root "dc=starxing,dc=com". It displays all the data under "dc=starxing,dc=com" that the bound user is allowed to access.
Example: ldapsearch -x -W -D "cn=administrator,cn=users,dc=osdn,dc=zzti,dc=edu,dc=cn" -b "cn=administrator,cn=users,dc=osdn,dc=zzti,dc=edu,dc=cn" -h troy.osdn.zzti.edu.cn
ldapsearch -b "dc=canon-is,dc=jp" -H ldaps://192.168.0.92:636
(You need to modify the OpenLDAP client configuration file ldap.conf; refer to: http://ms.ntcb.edu.tw/~steven/l-penguin.s/article/ldap-5.htm)
ldapdelete
ldapdelete -x -D "cn=manager,dc=test,dc=com" -w secret "uid=test1,ou=people,dc=test,dc=com"
ldapdelete -x -D 'cn=root,dc=it,dc=com' -w secret 'uid=zyx,dc=it,dc=com'
This deletes the 'uid=zyx,dc=it,dc=com' record. Be aware that an o or ou entry that still contains members cannot be deleted.
ldappasswd
-x use simple authentication
-D the DN used to bind to the server
-w password for the bind DN
-S prompt for the new password
-s pass set the password to pass
-a pass set the old passwd to pass
-A prompt for the old passwd
-H the server to bind to
-I use SASL interactive mode
Example: ldappasswd -x -D 'cn=root,dc=it,dc=com' -w secret 'uid=zyx,dc=it,dc=com' -S
New password:
Re-enter new password:
This changes the password; if the original record has no password, a userPassword attribute is generated automatically.
ldapmodify
-a add new entries. The default is to modify existing entries.
-C automatically chase referrals.
-c continue after an error instead of aborting. By default the program stops at the first error; for example, if an entry in your LDIF does not exist in the database, the program exits by default, but with this parameter the error is ignored and execution continues.
-n used to debug communication with the server without actually performing the operation. If the server is down, an error is returned; if it is up, this is often used together with the -v parameter to test whether the server is reachable.
-v run in verbose mode. More detailed information is printed to standard output, for example the IP address and port number of the server connected to.
-M[M] enable the Manage DSA IT control. -MM makes this control critical.
-f file read the entry modification information from a file instead of from standard input.
-x use simple authentication.
-D binddn specify the user name to bind as (typically a DN value).
-W when this parameter is given, the system prompts for the user's password. It is the alternative to the -w parameter.
-w bindpasswd specify the user's password directly. It is the alternative to the -W parameter.
-H ldapuri specify the URI of the server to connect to (IP address and port number; the common format is ldap://hostname:port). If you use -H, you cannot use the -h and -p parameters.
-h ldaphost specify the name or IP address of the host to connect to. It is used together with -p.
-p ldapport specify the port number of the directory server to connect to. It is used together with -h.
If you use the -h and -p parameters, you cannot use the -H parameter.
-Z[Z] use the StartTLS extended operation. With -ZZ, the command requires the StartTLS handshake to succeed.
-V enable certificate authentication, in which the directory server authenticates the client by its client certificate; it must be used together with -ZZ (forced TLS), with an anonymous bind to the directory server.
-E set the client certificate file, for example: -E cert/client.crt
-e set the client certificate private key file, for example: -E cert/client.key
Example: ldapmodify -x -D "cn=root,dc=it,dc=com" -W -f modify.ldif
This applies the changes in modify.ldif to the existing records.
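An added example, not part of the original post or of OpenLDAP: a small shell check over the command forms listed above that flags a password passed as an argument (-w, or -s/-a for ldappasswd), which can show up in shell history and the process list, and a simple bind with a DN that is not protected by -ZZ or an ldaps:// URI. The function name audit_ldap_cmd and its finding labels are made up for this example, it only knows the options listed on this page, and -y FILE is the OpenLDAP client option that reads the bind password from a file.

```shell
#!/bin/sh
# audit_ldap_cmd TOOL [ARG...]: flag risky credential handling in an OpenLDAP
# client command line. Prints one finding per line, or "ok" if none.
# Assumes each option is written separately (-x -D ...), as in the examples above.
audit_ldap_cmd() {
    tool=${1##*/}; shift
    simple=0 binddn=0 inline=0 protected=0 optional_tls=0 found=0 prev=""
    for arg in "$@"; do
        case "$tool:$prev" in
            "$tool":-w|ldappasswd:-[sa]) inline=1 ;;       # password typed in argv
            "$tool":-H) case "$arg" in
                    ldaps://*|ldapi://*) protected=1 ;;    # TLS, or local socket
                esac ;;
        esac
        case "$tool:$prev" in                              # $arg was an option's value
            "$tool":-[DwbhpfyH]|ldapsearch:-[sa]|ldappasswd:-[sa]) prev=""; continue ;;
        esac
        case "$arg" in
            -x)  simple=1 ;;
            -D)  binddn=1 ;;
            -ZZ) protected=1 ;;       # StartTLS must succeed
            -Z)  optional_tls=1 ;;    # StartTLS tried, failure tolerated
        esac
        prev=$arg
    done
    if [ "$inline" -eq 1 ]; then
        echo "inline-password: password given as an argument; use -W or -y FILE"
        found=1
    fi
    if [ "$simple" -eq 1 ] && [ "$binddn" -eq 1 ] && [ "$protected" -eq 0 ]; then
        if [ "$optional_tls" -eq 1 ]; then
            echo "starttls-optional: -Z falls back to cleartext if StartTLS fails; use -ZZ"
        else
            echo "cleartext-bind: simple bind without -ZZ or ldaps:// sends the password unencrypted"
        fi
        found=1
    fi
    if [ "$found" -eq 0 ]; then echo "ok"; fi
}

# Constructed sample: the ldapadd example from the text, one word per argument.
audit_ldap_cmd ldapadd -x -D "cn=root,dc=starxing,dc=com" -w secret -f /root/test.ldif
```
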
This article is from the "it Little two lang" blog; please be sure to keep this source: http://jerry12356.blog.51cto.com/4308715/1851428
OpenLDAP common operation and common keyword explanation