1 /* ldapdelete.c - simple program to delete an entry using LDAP */
4 * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
5 * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
12 #include <ac/stdlib.h>
15 #include <ac/signal.h>
16 #include <ac/string.h>
17 #include <ac/unistd.h>
22 static char *binddn = NULL;
23 static char *passwd = NULL;
24 static char *ldaphost = NULL;
25 static int ldapport = 0;
27 static int not, verbose, contoper;
30 static int dodelete LDAP_P((
34 static int deletechildren LDAP_P(( LDAP *ld,
/*
 * Entry point, option-parsing part.  This listing omits lines, so braces,
 * break statements and some case labels are not shown.  getopt() is used
 * to fill the file-scope settings (host, port, bind DN, password) and the
 * local flags before any connection is made.
 */
38 main( int argc, char **argv )
40 char *usage = "usage: %s [-n] [-v] [-k] [-W] [-M[M]] [-r] [-d debug-level] [-f file] [-h ldaphost] [-P version] [-p ldapport] [-D binddn] [-w passwd] [dn]...\n";
43 int i, rc, authmethod, want_bindpw, version, debug, manageDSAit;
45 not = verbose = contoper = want_bindpw = debug = manageDSAit = 0;
/* Simple (DN + password) bind is the default; -k / -K switch to Kerberos. */
47 authmethod = LDAP_AUTH_SIMPLE;
50 while (( i = getopt( argc, argv, "WMnvkKcrh:P:p:D:w:d:f:" )) != EOF ) {
52 case 'k': /* kerberos bind */
53 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
54 authmethod = LDAP_AUTH_KRBV4;
56 fprintf (stderr, "%s was not compiled with Kerberos support\n", argv[0]);
57 fprintf( stderr, usage, argv[0] );
58 return( EXIT_FAILURE );
61 case 'K': /* kerberos bind, part one only */
62 #ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
63 authmethod = LDAP_AUTH_KRBV41;
65 fprintf (stderr, "%s was not compiled with Kerberos support\n", argv[0]);
66 fprintf( stderr, usage, argv[0] );
67 return( EXIT_FAILURE );
70 case 'c': /* continuous operation mode */
73 case 'h': /* ldap host */
74 ldaphost = strdup( optarg );
76 case 'D': /* bind DN */
77 binddn = strdup( optarg );
/* NOTE(review): a password supplied with -w sits in argv, where other
 * local users can typically read it from the process listing.  The loop
 * below walks optarg, but its condition holds only while *p is the
 * terminating NUL, so for a non-empty password it runs zero times (and
 * for an empty one it would step past the terminator).  The loop body is
 * not shown; if it is meant to overwrite the password in argv, the test
 * presumably should be *p != '\0' - confirm.  No NULL check of the
 * strdup() results is visible on these lines either. */
79 case 'w': /* password */
80 passwd = strdup( optarg );
84 for( p = optarg; *p == '\0'; p++ ) {
89 case 'f': /* read DNs from a file */
90 if (( fp = fopen( optarg, "r" )) == NULL ) {
/* NOTE(review): atoi() cannot report a conversion error; non-numeric
 * text silently becomes 0 for the debug level and the port below. */
96 debug |= atoi( optarg );
99 ldapport = atoi( optarg );
101 case 'n': /* print deletes, don't actually do them */
107 case 'v': /* verbose mode */
111 /* enable Manage DSA IT */
/* Protocol version from -P; per the message below only 2 and 3 are accepted. */
118 switch( atoi(optarg) )
121 version = LDAP_VERSION2;
124 version = LDAP_VERSION3;
127 fprintf( stderr, "protocol version should be 2 or 3\n" );
128 fprintf( stderr, usage, argv[0] );
129 return( EXIT_FAILURE );
133 fprintf( stderr, usage, argv[0] );
134 return( EXIT_FAILURE );
/*
 * Post-option setup (fragment; omitted lines are not shown): reconcile the
 * protocol version with the bind method and the Manage DSA IT request, set
 * the library debug levels, create the connection handle, apply session
 * options and bind.  Per the messages below, Kerberos binds need LDAPv2
 * and the Manage DSA IT control needs LDAPv3.
 */
138 if( authmethod != LDAP_AUTH_SIMPLE ) {
139 if( version == LDAP_VERSION3 ) {
140 fprintf(stderr, "Kerberos requires LDAPv2\n");
143 version = LDAP_VERSION2;
147 if( version == LDAP_VERSION2 ) {
148 fprintf(stderr, "manage DSA control requires LDAPv3\n");
151 version = LDAP_VERSION3;
155 if ( optind >= argc ) {
/* A NULL handle is passed here, i.e. no connection exists yet. */
161 if( ber_set_option( NULL, LBER_OPT_DEBUG_LEVEL, &debug ) != LBER_OPT_SUCCESS ) {
162 fprintf( stderr, "Could not set LBER_OPT_DEBUG_LEVEL %d\n", debug );
164 if( ldap_set_option( NULL, LDAP_OPT_DEBUG_LEVEL, &debug ) != LDAP_OPT_SUCCESS ) {
165 fprintf( stderr, "Could not set LDAP_OPT_DEBUG_LEVEL %d\n", debug );
/* Ignore SIGPIPE so a write to a closed connection is reported as an
 * error by the call instead of terminating the process. */
170 (void) SIGNAL( SIGPIPE, SIG_IGN );
173 if (( ld = ldap_init( ldaphost, ldapport )) == NULL ) {
174 perror( "ldap_init" );
175 return( EXIT_FAILURE );
/* NOTE(review): the results of the two ldap_set_option() calls below are
 * not checked on the visible lines.  For a tool that deletes entries,
 * a silent failure to turn off alias dereferencing or referral chasing
 * would change which entries and servers are touched - consider checking
 * both against LDAP_OPT_SUCCESS as is done for the protocol version. */
179 /* this seems prudent */
180 int deref = LDAP_DEREF_NEVER;
181 ldap_set_option( ld, LDAP_OPT_DEREF, &deref );
184 /* don't chase referrals */
185 ldap_set_option( ld, LDAP_OPT_REFERRALS, LDAP_OPT_OFF );
188 ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS)
190 fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version );
/* Prompt for the password on the terminal; the condition guarding this
 * line is not shown (presumably want_bindpw, set by -W - confirm).
 * NOTE(review): no scrubbing of passwd after the bind is visible in this
 * listing, so the cleartext password presumably stays in process memory. */
194 passwd = getpass("Enter LDAP Password: ");
/* NOTE(review): with LDAP_AUTH_SIMPLE the bind DN and password are handed
 * to the library as given, and no TLS or other transport protection is
 * set up on the visible lines - presumably the credentials cross the
 * network in cleartext; confirm how the connection is protected. */
196 if ( ldap_bind_s( ld, binddn, passwd, authmethod ) != LDAP_SUCCESS ) {
197 ldap_perror( ld, "ldap_bind" );
198 return( EXIT_FAILURE );
/*
 * Fragment (omitted lines are not shown): install the Manage DSA IT server
 * control on the session, then call dodelete() for every DN given on the
 * command line and for every line read from fp.
 */
204 LDAPControl *ctrls[2];
208 c.ldctl_oid = LDAP_CONTROL_MANAGEDSAIT;
/* The control carries no value. */
209 c.ldctl_value.bv_val = NULL;
210 c.ldctl_value.bv_len = 0;
/* Critical only when manageDSAit exceeds 1 (the usage text shows -M[M],
 * so presumably a doubled -M - confirm against the option parser). */
211 c.ldctl_iscritical = manageDSAit > 1;
213 err = ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, &ctrls );
/* On failure the program exits only for the critical form; for the
 * non-critical form the visible lines just print the message. */
215 if( err != LDAP_OPT_SUCCESS ) {
216 fprintf( stderr, "Could not set Manage DSA IT Control\n" );
217 if( c.ldctl_iscritical ) {
218 exit( EXIT_FAILURE );
225 for ( ; optind < argc; ++optind ) {
226 rc = dodelete( ld, argv[ optind ] );
/* Read DNs line by line; stop at the first failure unless contoper is set. */
229 while ((rc == 0 || contoper) && fgets(buf, sizeof(buf), fp) != NULL) {
/* NOTE(review): the last character is dropped unconditionally.  When a
 * line has no trailing newline (final line of the file, or a line longer
 * than buf) this removes the last character of the DN, so a different
 * entry than the one listed is passed to dodelete().  If fgets() stores
 * an empty string (input line starting with a NUL byte), strlen() is 0
 * and the store lands one byte before buf.  Safer: take len = strlen(buf)
 * and clear buf[len - 1] only when len > 0 and buf[len - 1] == '\n'. */
230 buf[ strlen( buf ) - 1 ] = '\0'; /* remove trailing newline */
231 if ( *buf != '\0' ) {
232 rc = dodelete( ld, buf );
/*
 * Fragment, presumably from the body of dodelete() (its signature and
 * several lines are not shown): announce the entry, remove its children
 * first when prune is set, then delete dn with ldap_delete_s() and report
 * a failure through ldap_perror().
 *
 * NOTE(review): the return value of deletechildren() is discarded, so a
 * failure while pruning shows up only indirectly, if the final
 * ldap_delete_s() then fails.  Whether the dry-run flag "not" skips the
 * calls below cannot be seen from these lines; the visible part of
 * deletechildren() does not test it, so confirm the guard sits before the
 * prune call.
 */
250 printf( "%sdeleting entry \"%s\"\n",
251 (not ? "!" : ""), dn );
256 /* If prune is on, remove a whole subtree. Delete the children of the
257 * DN recursively, then the DN requested.
259 if ( prune ) deletechildren( ld, dn );
260 if (( rc = ldap_delete_s( ld, dn )) != LDAP_SUCCESS ) {
261 ldap_perror( ld, "ldap_delete" );
262 } else if ( verbose ) {
263 printf( "\tremoved\n" );
271 * Delete all the children of an entry recursively until leaf nodes are reached.
/*
 * deletechildren (fragment; the rest of the parameter list and several
 * body lines are not shown): list the direct children of dn with a
 * one-level search, recurse into each child, then delete that child.
 */
274 static int deletechildren( LDAP *ld,
277 LDAPMessage *res, *e;
/* NOTE(review): LDAP_OPT_TIMEOUT is given a pointer to int here; later
 * OpenLDAP releases document this option as taking a struct timeval -
 * confirm against the library version in use.  The unit of 30 * 10000 is
 * not stated, and the result of the call is not checked. */
280 int timeout = 30 * 10000;
282 ldap_set_option( ld, LDAP_OPT_TIMEOUT, &timeout );
283 if ( verbose ) printf ( "deleting children of: %s\n", dn );
285 * Do a one level search at dn for children. For each, delete its children.
/* NOTE(review): ldap_search_s() is the synchronous call and reports
 * failure as an LDAP result code rather than -1, so this test presumably
 * never matches and a failed search continues with res never assigned
 * (it is declared without an initializer above) - confirm, and compare
 * against LDAP_SUCCESS instead. */
287 if ( ldap_search_s( ld, dn, LDAP_SCOPE_ONELEVEL, "(objectclass=*)", NULL, 0, &res ) == -1 )
289 ldap_perror( ld, "ldap_search" );
290 ldap_get_option( ld, LDAP_OPT_ERROR_NUMBER, &rc );
294 entries = ldap_count_entries( ld, res );
/* NOTE(review): ldap_get_dn() returns a newly allocated string (NULL on
 * error) that the caller has to release.  It is called up to four times
 * per entry below; each result is used without a NULL check and none is
 * freed on the visible lines.  Fetching the DN once per entry, checking
 * it, and releasing it with ldap_memfree() after use would avoid both. */
299 for (e = ldap_first_entry( ld, res ), i = 0; e != NULL;
300 e = ldap_next_entry( ld, e ), i++ )
302 if ( (rc = deletechildren( ld, ldap_get_dn( ld, e) )) == -1 )
304 ldap_perror( ld, "ldap_prune" );
309 printf( "\tremoving %s\n", ldap_get_dn( ld, e ) );
/* NOTE(review): == binds tighter than =, so rc receives the outcome of
 * the comparison (0 or 1), not the LDAP result code.  ldap_delete_s()
 * also signals failure with a code other than LDAP_SUCCESS rather than
 * -1 (the other ldap_delete_s() call in this file tests != LDAP_SUCCESS),
 * so a failed child delete is presumably not detected here.  Intended
 * form is probably (rc = ldap_delete_s( ... )) != LDAP_SUCCESS. */
311 if ( rc = ldap_delete_s( ld, ldap_get_dn( ld, e ) ) == -1 )
313 ldap_perror( ld, "ldap_delete" );
318 printf( "\t%s removed\n", ldap_get_dn( ld, e ) );