How to search and modify an LDAP record from the command line.
- January 24th, 2012
- Posted in Documentation
- Write comment
The following was verified on openldap versions 2.0 and 2.3:
To display all attributes associated with a particular cn:
# ldapsearch -x -b ‘distinguished name‘ ‘cn=Some CN’
Or using a wildcard:
# ldapsearch -x -b ‘distinguished name‘ ‘cn=startswith*’
Example:
# ldapsearch -x -b ‘dc=mydomain,dc=com’ ‘cn=myCN’
# ldapsearch -x -b ‘dc=mydomain,dc=com’ ‘cn=myCNstartwith*’
This information can help you to determine what you want to modify.
How to modify an attribute value for a particular cn:
#ldapmodify -x -D ‘distinguished name‘ -w password -f filename
Contents of filename:
dn: distinguished name
changetype: modify
replace: attribute
attribute: newvalue
Example:
# ldapmodify -x -D ‘cn=admin,dc=mydomain,dc=com’ -w MyPassword -f myfile
# cat myfile
dn: cn=”Lastname, Firstname”, dc=mydomain, dc=com
changetype: modify
replace: mail
mail: myaccount@mydomain.com
No comments yet.