ldapentry(1)
NAME
ldapentry - simple add, modify, and delete entries in an LDAP directory
SYNOPSIS
login] base] host] port] scope] {service key | dn}
DESCRIPTION
ldapentry is a script that allows administrators to add, modify, and
delete entries in an LDAP directory. The add and modify functions open
an entry in an editor, so knowledge of the LDIF (RFC2849) syntax is
required.
This manpage describes the use of ldapentry, including the command line,
environment variables, profile support, and resource files.
Arguments
ldapentry requires these arguments:
Specifies the operation to be performed. One of these operations must
be specified:
Adds a new entry to the directory.
An LDIF template will be read into an editor for the entry to be added.
The new entry's location in the directory will be determined by the
variable (if defined), by the template, or the location described in
the service descriptors in the LDAP configuration profile.
See the Templates section below for information about the templates.
Deletes an entry from the directory.
Modifies an existing directory entry.
The entry will be opened in an editor in the LDIF format for the user
to modify.
{service key | dn}
ldapentry requires either service key or dn, where
service Name of the service set that will determine the type of
entry to edit, where service can be one of the following:
{
key Entry's common name or UID.
dn Full distinguished name of the entry.
Options
ldapentry supports the following options. These options are not required
because some of them may default to values from the profile and
configuration files or be prompted for by ldapentry.
Specifies the DN of the search/insert base which defines where
ldapentry starts the search/insert for the entry.
This option is optional if the variable is set. If specified, this
option overrides the variable setting.
Specifies the distinguished name (DN) of an administrator who has the
authority to add, modify, or delete entries in the LDAP directory.
This option is optional if the environment variable has been set. If
specified, this option overrides the variable setting.
Forces command execution, with warning override.
Specifies the host name of the LDAP directory.
If not specified, ldapentry uses the local host.
Specifies the TCP port number that the LDAP directory uses.
If not specified, defaults to port 389.
Specifies the scope of the search, where scope can be one of the
following:
Search only the entry specified in the option or defined by the
environment variable.
Search only the immediate children of the entry specified in the
option. Only the children are searched; the actual entry specified in
the option is not searched.
Search the entry specified in the option and all of its descendants.
Perform a subtree search starting at the point identified in the
option.
This is the default.
Displays verbose information.
Templates
The add function of ldapentry will open an entry from the template file
in for the user to edit and add to the directory. The template can be
customized, and variable references will be defined by ldapentry on
execution, if available.
Security Restriction
The LDAP administrator password is a required parameter, but for
security reasons, it may not be specified on the command line. It will
be prompted for or may be specified in an environment variable,
described in section below.
When adding, any sensitive information (such as will be prompted for
with hidden input after the editor is closed. However, the modify
function requires that the user enter everything within the editor
(where it will be unsecured clear text).
EXTERNAL INFLUENCES
The command also accepts options through environment variables,
configuration files, and the LDAP configuration profile.
Configuration Variables
For ldapentry, configuration variables may be specified in the following
locations (in order of precedence):
1. Local environment variables.
2. Local user configuration file
3. Global configuration file
ldapentry will also discover configuration parameter defaults from the
directory configuration profile created by the LDAP-UX setup program,
Environment variables override configuration parameters in the user's
file. The user's file overrides the global configuration file. The
global configuration file overrides parameters from the configuration
profile stored in the directory.
Example:
With the following definition in these configuration files:
will only use
Environment Variables
The following variables may be specified as shell environment variables
or in either of the above two configuration files.
Name of the editor that will be used when you do an add or modify
(defaults to the editor.)
This DN specifies to ldapentry where to insert new entries. This value
will default to or a default defined by the configuration profile. is
only used when adding entries.
The DN of the search base which specifies where ldapentry starts
looking for the entry. If this variable has been defined, but was not,
then defaults to
The password for the above privileged LDAP user.
*** May not be stored in a configuration file ***.
The DN of the LDAP administrator allowed to add, delete, or modify the
entry.
The host name of the LDAP directory server.
uses the format. (If port is missing, ldapentry will automatically
default to port 389, as suggested by the RFC2251 standard.)
The type of LDAP search
under the You must define if you define
Configuration Files
The file is used to locally define variables for each user. The file
is used to globally define variables for all users on the system.
The structure for configuration files is:
Example:
LDAP-UX Profile
The LDAP administration tools will retrieve configuration information
from the directory as specified by the configuration profile found in
The LDAP profile information is not available on NIS clients.
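The precedence order under Configuration Variables and the rule that the password may not be stored in a configuration file, as an added shell example (not code from ldapentry or from the original page). The DEMO_* variable names, both file paths and the NAME=value file format are assumptions, since the page does not show the real ones.

```shell
#!/bin/sh
# Added example. DEMO_* names, file paths and the NAME=value file format are
# assumptions for illustration; they are not ldapentry's real identifiers.
USER_CONF=${USER_CONF:-$HOME/.demo_ldaprc}        # hypothetical per-user file
GLOBAL_CONF=${GLOBAL_CONF:-/etc/demo_ldap.conf}   # hypothetical global file
SECRET_VAR=DEMO_BINDPW                            # hypothetical password variable

# Print NAME's value from a NAME=value file (last definition wins); 1 if absent.
conf_lookup() {   # usage: conf_lookup FILE NAME
    [ -r "$1" ] || return 1
    line=$(grep "^$2=" "$1" | tail -n 1) || true
    [ -n "$line" ] || return 1
    printf '%s\n' "${line#*=}"
}

# Resolve NAME in precedence order: environment, user file, global file.
# (The directory profile, the lowest level, is out of scope here.)
resolve_setting() {   # usage: resolve_setting NAME
    # Accept only plain identifiers so the eval and grep below stay safe.
    case $1 in ''|[0-9]*|*[!A-Za-z0-9_]*) return 2 ;; esac
    eval "isset=\${$1+yes}; val=\${$1-}"
    if [ -n "$isset" ]; then
        printf '%s\n' "$val"
        return 0
    fi
    conf_lookup "$USER_CONF" "$1" && return 0
    conf_lookup "$GLOBAL_CONF" "$1" && return 0
    return 1
}

# Enforce the rule that the password is never read from a configuration file:
# fail if either file defines it, so a stored secret is noticed and removed.
check_no_stored_secret() {
    for f in "$USER_CONF" "$GLOBAL_CONF"; do
        if [ -r "$f" ] && grep -q "^$SECRET_VAR=" "$f"; then
            echo "error: $SECRET_VAR must not be stored in $f" >&2
            return 1
        fi
    done
    return 0
}
```

A variable that is set but empty in the environment still overrides both files, which matches a strict reading of the precedence order.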
EXAMPLES
FILES
SEE ALSO
ldapclientd(1M), ldapclientd.conf(4), ldapux(5), pam_authz(5),
pam_ldap(5).
LDIF RFC2849, LDAPv3 RFC2251.