1LDAPMODRDN(1) General Commands Manual LDAPMODRDN(1)
2
3
4
6 ldapmodrdn - LDAP rename entry tool
7
9 ldapmodrdn [-r] [-n] [-v] [-c] [-M[M]] [-d debuglevel] [-D binddn] [-W]
10 [-w passwd] [-y passwdfile] [-H ldapuri] [-h ldaphost] [-p ldapport]
11 [-P 2|3] [-O security-properties] [-I] [-Q] [-U authcid] [-R realm]
12 [-x] [-X authzid] [-Y mech] [-Z[Z]] [-f file] [dn rdn]
13
15 ldapmodrdn is a shell-accessible interface to the ldap_modrdn2(3)
16 library call.
17
18 ldapmodrdn opens a connection to an LDAP server, binds, and modifies
19 the RDN of entries. The entry information is read from standard input,
20 from file through the use of the -f option, or from the command-line
21 pair dn and rdn.
22
24 -r Remove old RDN values from the entry. Default is to keep old
25 values.
26
27 -n Show what would be done, but don't actually change entries.
28 Useful for debugging in conjunction with -v.
29
30 -v Use verbose mode, with many diagnostics written to standard out‐
31 put.
32
33 -c Continuous operation mode. Errors are reported, but ldapmod‐
34 rdn will continue with modifications. The default is to
35 exit after reporting an error.
36
37 -M[M] Enable manage DSA IT control. -MM makes control critical.
38
39 -d debuglevel
40 Set the LDAP debugging level to debuglevel. ldapmodrdn must be
41 compiled with LDAP_DEBUG defined for this option to have any
42 effect.
43
44 -f file
45 Read the entry modification information from file instead of
46 from standard input or the command-line.
47
48 -x Use simple authentication instead of SASL.
49
50 -D binddn
51 Use the Distinguished Name binddn to bind to the LDAP directory.
52
53 -W Prompt for simple authentication. This is used instead of spec‐
54 ifying the password on the command line.
55
56 -w passwd
57 Use passwd as the password for simple authentication.
58
59 -y passwdfile
60 Use complete contents of passwdfile as the password for simple
61 authentication.
62
63 -H ldapuri
64 Specify URI(s) referring to the ldap server(s); only the proto‐
65 col/host/port fields are allowed; a list of URI, separated by
66 whitespace or commas is expected.
67
68 -h ldaphost
69 Specify an alternate host on which the ldap server is running.
70 Deprecated in favor of -H.
71
72 -p ldapport
73 Specify an alternate TCP port where the ldap server is listen‐
74 ing. Deprecated in favor of -H.
75
76 -P 2|3 Specify the LDAP protocol version to use.
77
78 -O security-properties
79 Specify SASL security properties.
80
81 -I Enable SASL Interactive mode. Always prompt. Default is to
82 prompt only as needed.
83
84 -Q Enable SASL Quiet mode. Never prompt.
85
86 -U authcid
87 Specify the authentication ID for SASL bind. The form of the ID
88 depends on the actual SASL mechanism used.
89
90 -R realm
91 Specify the realm of authentication ID for SASL bind. The form
92 of the realm depends on the actual SASL mechanism used.
93
94 -X authzid
95 Specify the requested authorization ID for SASL bind. authzid
96 must be one of the following formats: dn:<distinguished name> or
97 u:<username>
98
99 -Y mech
100 Specify the SASL mechanism to be used for authentication. If
101 it's not specified, the program will choose the best mechanism
102 the server knows.
103
104 -Z[Z] Issue StartTLS (Transport Layer Security) extended operation. If
105 you use -ZZ, the command will require the operation to be suc‐
106 cessful.
107
109 If the command-line arguments dn and rdn are given, rdn will replace
110 the RDN of the entry specified by the DN, dn.
111
112 Otherwise, the contents of file (or standard input if no -f flag is
113 given) should consist of one or more entries.
114
115 Distinguished Name (DN)
116 Relative Distinguished Name (RDN)
117
118 One or more blank lines may be used to separate each DN/RDN pair.
119
121 Assuming that the file /tmp/entrymods exists and has the contents:
122
123 cn=Modify Me,dc=example,dc=com
124 cn=The New Me
125
126 the command:
127
128 ldapmodrdn -r -f /tmp/entrymods
129
130 will change the RDN of the "Modify Me" entry from "Modify Me" to "The
131 New Me" and the old cn, "Modify Me" will be removed.
132
134 Exit status is 0 if no errors occur. Errors result in a non-zero exit
135 status and a diagnostic message being written to standard error.
136
138 ldapadd(1), ldapdelete(1), ldapmodify(1), ldapsearch(1), ldap.conf(5),
139 ldap(3), ldap_modrdn2(3)
140
142 The OpenLDAP Project <http://www.openldap.org/>
143
145 OpenLDAP is developed and maintained by The OpenLDAP Project
146 (http://www.openldap.org/). OpenLDAP is derived from University of
147 Michigan LDAP 3.3 Release.
148
149
150
151OpenLDAP 2.3.34 2007/2/16 LDAPMODRDN(1)