1LDAPMODRDN(1)               General Commands Manual              LDAPMODRDN(1)
2
3
4

NAME

6       ldapmodrdn - LDAP rename entry tool
7

SYNOPSIS

9       ldapmodrdn [-r] [-n] [-v] [-c] [-M[M]] [-d debuglevel] [-D binddn] [-W]
10       [-w passwd] [-y passwdfile]  [-H ldapuri]  [-h ldaphost]  [-p ldapport]
11       [-P 2|3]  [-O security-properties]  [-I]  [-Q]  [-U authcid] [-R realm]
12       [-x] [-X authzid] [-Y mech] [-Z[Z]] [-f file] [dn rdn]
13

DESCRIPTION

15       ldapmodrdn is  a  shell-accessible  interface  to  the  ldap_modrdn2(3)
16       library call.
17
18       ldapmodrdn  opens  a  connection to an LDAP server, binds, and modifies
19       the RDN of entries.  The entry information is read from standard input,
20       from  file  through  the use of the -f option, or from the command-line
21       pair dn and rdn.
22

OPTIONS

24       -r     Remove old RDN values from the entry.  Default is  to  keep  old
25              values.
26
27       -n     Show  what  would  be  done,  but don't actually change entries.
28              Useful for debugging in conjunction with -v.
29
30       -v     Use verbose mode, with many diagnostics written to standard out‐
31              put.
32
33       -c     Continuous operation mode.  Errors  are  reported,  but ldapmod‐
34              rdn will  continue  with  modifications.    The  default  is  to
35              exit after reporting an error.
36
37       -M[M]  Enable manage DSA IT control.  -MM makes control critical.
38
39       -d debuglevel
40              Set  the LDAP debugging level to debuglevel.  ldapmodrdn must be
41              compiled with LDAP_DEBUG defined for this  option  to  have  any
42              effect.
43
44       -f file
45              Read  the  entry  modification  information from file instead of
46              from standard input or the command-line.
47
48       -x     Use simple authentication instead of SASL.
49
50       -D binddn
51              Use the Distinguished Name binddn to bind to the LDAP directory.
52
53       -W     Prompt for simple authentication.  This is used instead of spec‐
54              ifying the password on the command line.
55
56       -w passwd
57              Use passwd as the password for simple authentication.
58
59       -y passwdfile
60              Use  complete  contents of passwdfile as the password for simple
61              authentication.
62
63       -H ldapuri
64              Specify URI(s) referring to the ldap server(s); only the  proto‐
65              col/host/port  fields  are  allowed; a list of URI, separated by
66              whitespace or commas is expected.
67
68       -h ldaphost
69              Specify an alternate host on which the ldap server  is  running.
70              Deprecated in favor of -H.
71
72       -p ldapport
73              Specify  an  alternate TCP port where the ldap server is listen‐
74              ing.  Deprecated in favor of -H.
75
76       -P 2|3 Specify the LDAP protocol version to use.
77
78       -O security-properties
79              Specify SASL security properties.
80
81       -I     Enable SASL Interactive mode.  Always  prompt.   Default  is  to
82              prompt only as needed.
83
84       -Q     Enable SASL Quiet mode.  Never prompt.
85
86       -U authcid
87              Specify  the authentication ID for SASL bind. The form of the ID
88              depends on the actual SASL mechanism used.
89
90       -R realm
91              Specify the realm of authentication ID for SASL bind.  The  form
92              of the realm depends on the actual SASL mechanism used.
93
94       -X authzid
95              Specify  the  requested authorization ID for SASL bind.  authzid
96              must be one of the following formats: dn:<distinguished name> or
97              u:<username>
98
99       -Y mech
100              Specify  the  SASL  mechanism  to be used for authentication. If
101              it's not specified, the program will choose the  best  mechanism
102              the server knows.
103
104       -Z[Z]  Issue StartTLS (Transport Layer Security) extended operation. If
105              you use -ZZ, the command will require the operation to  be  suc‐
106              cessful.
107

INPUT FORMAT

109       If  the  command-line  arguments dn and rdn are given, rdn will replace
110       the RDN of the entry specified by the DN, dn.
111
112       Otherwise, the contents of file (or standard input if  no  -f  flag  is
113       given) should consist of one or more entries.
114
115           Distinguished Name (DN)
116           Relative Distinguished Name (RDN)
117
118       One or more blank lines may be used to separate each DN/RDN pair.
119

EXAMPLE

121       Assuming that the file /tmp/entrymods exists and has the contents:
122
123           cn=Modify Me,dc=example,dc=com
124           cn=The New Me
125
126       the command:
127
128           ldapmodrdn -r -f /tmp/entrymods
129
130       will  change  the RDN of the "Modify Me" entry from "Modify Me" to "The
131       New Me" and the old cn, "Modify Me" will be removed.
132

DIAGNOSTICS

134       Exit status is 0 if no errors occur.  Errors result in a non-zero  exit
135       status and a diagnostic message being written to standard error.
136

SEE ALSO

138       ldapadd(1),  ldapdelete(1), ldapmodify(1), ldapsearch(1), ldap.conf(5),
139       ldap(3), ldap_modrdn2(3)
140

AUTHOR

142       The OpenLDAP Project <http://www.openldap.org/>
143

ACKNOWLEDGEMENTS

145       OpenLDAP  is  developed  and  maintained  by   The   OpenLDAP   Project
146       (http://www.openldap.org/).   OpenLDAP  is  derived  from University of
147       Michigan LDAP 3.3 Release.
148
149
150
151OpenLDAP 2.3.34                    2007/2/16                     LDAPMODRDN(1)
Impressum