1 .TH LDAPMODRDN 1 "17 August 1999" "OpenLDAP LDVERSION"
3 .\" Copyright 1998-1999 The OpenLDAP Foundation All Rights Reserved.
4 .\" Copying restrictions apply. See COPYRIGHT/LICENSE.
6 ldapmodrdn \- LDAP rename entry tool
24 .BI \-d \ debuglevel\fR]
32 .BI \-h \ ldaphost\fR]
34 .BI \-p \ ldapport\fR]
36 .BI \-P \ 2\fR\||\|\fI3\fR]
42 .BI \-U \ username\fR]
55 is a shell-accessible interface to the
60 opens a connection to an LDAP server, binds, and modifies the RDN of entries.
61 The entry information is read from standard input, from \fIfile\fP through
64 option, or from the command-line pair \fIdn\fP and
69 Remove old RDN values from the entry. Default is to keep old values.
72 Show what would be done, but don't actually change entries. Useful for
73 debugging in conjunction with -v.
76 Use verbose mode, with many diagnostics written to standard output.
79 Use Kerberos authentication instead of simple authentication. It is
80 assumed that you already have a valid ticket granting ticket.
82 must be compiled with KERBEROS defined for this option to have effect.
85 Same as \-k, but only does step 1 of the kerberos bind. This is useful
86 when connecting to a slapd and there is no x500dsa.hostname principal
87 registered with your kerberos servers.
90 Continuous operation mode. Errors are reported, but ldapmodify
91 will continue with modifications. The default is to exit after
95 Enable manage DSA IT control.
97 makes control critical.
100 Set the LDAP debugging level to \fIdebuglevel\fP.
103 compiled with LDAP_DEBUG defined for this option to have any effect.
106 Read the entry modification information from \fIfile\fP instead of from
107 standard input or the command-line.
110 Use \fIbinddn\fP to bind to the LDAP directory. \fIbinddn\fP should be
111 a string-represented DN as defined in RFC 1779.
114 Prompt for simple authentication.
115 This is used instead of specifying the password on the command line.
118 Use \fIpasswd\fP as the password for simple authentication.
121 Specify an alternate host on which the ldap server is running.
124 Specify an alternate TCP port where the ldap server is listening.
126 .BI \-P \ 2\fR\||\|\fI3
127 Specify the LDAP protocol version to use.
130 Requset the use of SASL privacy (encryption). If the server allows it, data
131 sent between the client and the server will be encrypted. If the server
132 requires the use of encryption and this flag is not specified, the command
133 will fail. If you use
135 , the command will fail if the server does not support encryption.
141 Request the use of SASL integrity checking. It protects data sent between the
142 client and the server from being modified along the way, but it does not
143 prevent sniffing. If the server requires the use of integrity checking and
144 this flag is not specified, the command will fail.If you use
146 , the command will fail if the server does not support this function.
149 Specify the username for SASL bind. The syntax of the username depends on the
150 actual SASL mechanism used.
153 Specify the requested authorization ID for SASL bind.
155 must be one of the following formats:
157 .I <distinguished name>
163 Specify the SASL mechanism to be used for authentication. If it's not
164 specified, the program will choose the best mechanism the server knows.
167 Request the use of TLS (Transport Layer Security). If you use
169 , the command will fail if TLS negotiation does not succeed for some reason.
171 If the command-line arguments \fIdn\fP and \fIrdn\fP are given, \fIrdn\fP
172 will replace the RDN of the entry specified by the DN, \fIdn\fP.
174 Otherwise, the contents of \fIfile\fP (or standard input if
177 flag is given) should consist of one or more entries.
180 Distinguished Name (DN)
181 Relative Distinguished Name (RDN)
184 One or more blank lines may be used to separate each DN/RDN pair.
186 Assuming that the file
188 exists and has the contents:
191 cn=Modify Me, dc=OpenLDAP, dc=org
198 ldapmodify -r -f /tmp/entrymods
201 will change the RDN of the "Modify Me" entry from "Modify Me" to
202 "The New Me" and the old cn, "Modify Me" will be removed.
205 Exit status is 0 if no errors occur. Errors result in a non-zero exit
206 status and a diagnostic message being written to standard error.
217 .IR "A String Representation of Distinguished Names",
220 ISODE Consortium, March 1995.
222 There is no interactive mode, but there probably should be.
225 is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
227 is derived from University of Michigan LDAP 3.3 Release.