-.TH LDAPMODIFY 1 "20 August 2001" "OpenLDAP LDVERSION"
+.TH LDAPMODIFY 1 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" $OpenLDAP$
-.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copyright 1998-2007 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
ldapmodify, ldapadd \- LDAP modify entry and LDAP add entry tools
.BR \-c ]
[\c
.BI \-S \ file\fR]
-.[\c
-.BR \-C ]
[\c
.BR \-n ]
[\c
.BR \-v ]
[\c
-.BR \-k ]
-[\c
-.BR \-K ]
-[\c
.BR \-M[M] ]
[\c
.BI \-d \ debuglevel\fR]
[\c
.BI \-w \ passwd\fR]
[\c
+.BI \-y \ passwdfile\fR]
+[\c
.BI \-H \ ldapuri\fR]
[\c
.BI \-h \ ldaphost\fR]
[\c
.BI \-U \ authcid\fR]
[\c
+.BI \-R \ realm\fR]
+[\c
.BR \-x ]
[\c
.BI \-X \ authzid\fR]
[\c
.BI \-S \ file\fR]
[\c
-.BR \-C ]
-[\c
.BR \-n ]
[\c
.BR \-v ]
[\c
-.BR \-k ]
-[\c
-.BR \-K ]
-[\c
.BR \-M[M] ]
[\c
.BI \-d \ debuglevel\fR]
[\c
.BI \-w \ passwd\fR]
[\c
+.BI \-y \ passwdfile\fR]
+[\c
.BI \-h \ ldaphost\fR]
[\c
.BI \-p \ ldapport\fR]
[\c
.BI \-U \ authcid\fR]
[\c
+.BI \-R \ realm\fR]
+[\c
.BR \-x ]
[\c
.BI \-X \ authzid\fR]
.SH DESCRIPTION
.B ldapmodify
is a shell-accessible interface to the
-.BR ldap_modify (3)
+.BR ldap_add_ext (3),
+.BR ldap_modify_ext (3),
+.BR ldap_delete_ext (3)
and
-.BR ldap_add (3)
+.BR ldap_rename (3).
library calls.
.B ldapadd
is implemented as a hard link to the ldapmodify tool. When invoked as
.BR ldapadd ,
this flag is always set.
.TP
-.B \-C
-Automatically chase referrals.
-.TP
.B \-c
Continuous operation mode. Errors are reported, but
.B ldapmodify
.B \-v
Use verbose mode, with many diagnostics written to standard output.
.TP
-.B \-k
-Use Kerberos IV authentication instead of simple authentication. It is
-assumed that you already have a valid ticket granting ticket. You must
-compile with Kerberos support for this option to have any effect.
-.TP
-.B \-K
-Same as \-k, but only does step 1 of the Kerberos IV bind. This is useful
-when connecting to a slapd and there is no x500dsa.hostname principal
-registered with your Kerberos Domain Controller(s).
-.TP
.B \-F
Force application of all changes regardless of the contents of input
lines that begin with
.BI \-w \ passwd
Use \fIpasswd\fP as the password for simple authentication.
.TP
+.BI \-y \ passwdfile
+Use complete contents of \fIpasswdfile\fP as the password for
+simple authentication.
+.TP
.BI \-H \ ldapuri
-Specify URI(s) referring to the ldap server(s).
+Specify URI(s) referring to the ldap server(s); only the protocol/host/port
+fields are allowed; a list of URI, separated by whitespace or commas
+is expected.
.TP
.BI \-h \ ldaphost
Specify an alternate host on which the ldap server is running.
Specify the authentication ID for SASL bind. The form of the ID
depends on the actual SASL mechanism used.
.TP
+.BI \-R \ realm
+Specify the realm of authentication ID for SASL bind. The form of the realm
+depends on the actual SASL mechanism used.
+.TP
.BI \-X \ authzid
Specify the requested authorization ID for SASL bind.
.I authzid
.SH INPUT FORMAT
The contents of \fIfile\fP (or standard input if no \-f flag is given on
the command line) should conform to the format defined in
-.BR slapd.replog (5),
+.BR ldif (1)
+(LDIF as defined RFC 2849), or
+.BR slapd.replog (5)
+(an extended form of LDIF)
with the exceptions noted below.
.LP
Lines that begin with "replica:" are matched against the LDAP server host
.LP
If no "changetype:" line is present, the default is "add" if the -a
flag is set (or if the program was invoked as
-.I ldapmodify)
+.I ldapadd)
and "modify" otherwise.
.LP
If changetype is "modify" and no "add:", "replace:", or "delete:" lines
-appear, the default is "replace" for and "add"
+appear, the default is "replace" for
.BR ldapmodify (1)
-for
+and "add" for
.BR ldapadd (1).
.LP
Note that the above exceptions to the
dn: cn=Modify Me,dc=example,dc=com
changetype: modify
replace: mail
- mail: modme@OpenLDAP.org
+ mail: modme@example.com
-
add: title
title: Grand Poobah
-
add: jpegPhoto
- jpegPhoto:< file://tmp/modme.jpeg
+ jpegPhoto:< file:///tmp/modme.jpeg
-
delete: description
-
the command:
.LP
.nf
- ldapadd -f /tmp/entrymods
+ ldapadd -f /tmp/newentry
.fi
.LP
will add a new entry for Babs Jensen, using the values from the
.B /tmp/newentry.
.LP
Assuming that the file
-.B /tmp/newentry
+.B /tmp/entrymods
exists and has the contents:
.LP
.nf
.BR ldapsearch (1),
.BR ldap.conf (5),
.BR ldap (3),
-.BR ldap_add (3),
-.BR ldap_delete (3),
-.BR ldap_modify (3),
-.BR ldap_modrdn (3),
+.BR ldap_add_ext (3),
+.BR ldap_delete_ext (3),
+.BR ldap_modify_ext (3),
+.BR ldap_modrdn_ext (3),
+.BR ldif (5),
.BR slapd.replog (5)
.SH AUTHOR
The OpenLDAP Project <http://www.openldap.org/>
.SH ACKNOWLEDGEMENTS
-.B OpenLDAP
-is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
-.B OpenLDAP
-is derived from University of Michigan LDAP 3.3 Release.
+.so ../Project