1 .TH LDAPDELETE 1 "RELEASEDATE" "OpenLDAP LDVERSION"
3 .\" Copyright 1998-2005 The OpenLDAP Foundation All Rights Reserved.
4 .\" Copying restrictions apply. See COPYRIGHT/LICENSE.
6 ldapdelete \- LDAP delete entry tool
18 .BI \-d \ debuglevel\fR]
28 .BI \-y \ passwdfile\fR]
32 .BI \-h \ ldaphost\fR]
34 .BI \-P \ 2\fR\||\|\fI3\fR]
36 .BI \-p \ ldapport\fR]
38 .BR \-O \ security-properties ]
61 is a shell-accessible interface to the
66 opens a connection to an LDAP server, binds, and deletes one or more
67 entries. If one or more \fIDN\fP arguments are provided, entries with
68 those Distinguished Names are deleted. Each \fIDN\fP should be provided
69 using the LDAPv3 string representation as defined in RFC 2253.
70 If no \fIdn\fP arguments
71 are provided, a list of DNs is read from standard input (or from
72 \fIfile\fP if the -f flag is used).
76 Show what would be done, but don't actually delete entries. Useful for
77 debugging in conjunction with -v.
80 Use verbose mode, with many diagnostics written to standard output.
83 Continuous operation mode. Errors are reported, but
85 will continue with deletions. The default is to exit after
89 Enable manage DSA IT control.
91 makes control critical.
94 Set the LDAP debugging level to \fIdebuglevel\fP.
96 must be compiled with LDAP_DEBUG defined for this option to have any effect.
99 Read a series of DNs from \fIfile\fP, one per line, performing an
100 LDAP delete for each.
103 Use simple authentication instead of SASL.
106 Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory.
109 Prompt for simple authentication.
110 This is used instead of specifying the password on the command line.
113 Use \fIpasswd\fP as the password for simple authentication.
116 Use complete contents of \fIpasswdfile\fP as the password for
117 simple authentication.
120 Specify URI(s) referring to the ldap server(s); only the protocol/host/port
121 fields are allowed; a list of URI, separated by whitespace or commas
125 Specify an alternate host on which the ldap server is running.
126 Deprecated in favor of -H.
129 Specify an alternate TCP port where the ldap server is listening.
130 Deprecated in favor of -H.
132 .BI \-P \ 2\fR\||\|\fI3
133 Specify the LDAP protocol version to use.
136 Do a recursive delete. If the DN specified isn't a leaf, its
137 children, and all their children are deleted down the tree. No
138 verification is done, so if you add this switch, ldapdelete will
139 happily delete large portions of your tree. Use with care.
141 .BI \-O \ security-properties
142 Specify SASL security properties.
145 Enable SASL Interactive mode. Always prompt. Default is to prompt
149 Enable SASL Quiet mode. Never prompt.
152 Specify the authentication ID for SASL bind. The form of the identity depends on the
153 actual SASL mechanism used.
156 Specify the realm of authentication ID for SASL bind. The form of the realm
157 depends on the actual SASL mechanism used.
160 Specify the requested authorization ID for SASL bind.
162 must be one of the following formats:
164 .I <distinguished name>
170 Specify the SASL mechanism to be used for authentication. If it's not
171 specified, the program will choose the best mechanism the server knows.
174 Issue StartTLS (Transport Layer Security) extended operation. If you use
176 , the command will require the operation to be successful.
178 The following command:
181 ldapdelete "cn=Delete Me,dc=example,dc=com"
184 will attempt to delete the entry named "cn=Delete Me,dc=example,dc=com".
185 Of course it would probably be necessary to supply authentication
188 Exit status is 0 if no errors occur. Errors result in a non-zero exit
189 status and a diagnostic message being written to standard error.
199 The OpenLDAP Project <http://www.openldap.org/>
202 is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
204 is derived from University of Michigan LDAP 3.3 Release.