-a |
Adds new entries. The default for ldapadd
is to add existing entries. This option can be used with the -f
<file> option to read the entries to add from a file. A changetype
should not be specified in the file. |
-r |
Replaces existing values. If invoked
to replace entries, this flag must be set. |
-c |
Enables continuous operation mode. Errors
are reported, but ldapadd will continue. The default is to exit
after reporting an error |
-f <file> |
Reads the add information from an LDIF
file instead of from standard input. The maximum length of a record
is4096 lines.
The record is assumed to be an LDIF record if the first line
starts with a pound sign or a colon appears to the left of an equals
sign. |
-F |
Forces the application to apply all changes
regardless of the contents of input lines that begin with the following:
replica:
By default, these lines are compared against the LDAP server
host and port in use to decide if a replog record should actually
be applied. |
Common Options
|
Description
|
-C |
Enable referral following. (anonymous
bind.) |
-d <level> |
Sets the LDAP debugging level to the
specified level. The ldapmodify utility must be compiled with LDAP_DEBUG
defined for this option to have any effect. |
-D <binddn> |
Specifies the dn to use in binding to
the LDAP server. The dn should be a string-represented dn as defined
in RFC 1779. |
-e <file> |
Specifies the certificate file to use
with an SSL bind. |
-E
|
Use the key file at /etc/opt/novell/certs/SSCert.der
for SSL bind.
NOTE:This option works only on Cypress Linux.
|
-h <host> |
Specifies an alternate host on which
the LDAP server is running. |
-l <limit> |
Specifies the connection timeout (in
seconds). |
-M |
enable Manage DSA IT control. (non-critical) |
-MM |
enable Manage DSA IT control. (critical) |
-n |
Shows what would be done, but doesn’t
actually modify entries. Useful for debugging in conjunction with
-v (verbose mode) which writes many diagnostics to standard output. |
-p <port> |
Specifies an alternate TCP port where
the LDAP server is listening. |
-P <version> |
Specifies the LDAP version (2 or 3). |
-v |
Uses the verbose mode which writes many
diagnostics to standard output. |
-w <passwd> |
Specifies the password to use for simple
authentication. |
-W |
Prompts the user for the password for
simple authentication. This is used instead of specifying the password
on the command line. |
-Z |
Starts TLS before binding to perform
the operation. If an error occurs during the Start TLS operation
the error is ignored and the operation continues. It is recommended
that the -ZZ option be used in place of this option to cause the operation
to abort if an error occurs.
If a port is specified with this with this option, it must
accept clear text connections.
To verify the server identity, this option should be used
in conjunction with the -e option to specify a server certificate
file to validate the server trusted root certificate when TLS is
started. If the -e option is not specified, any certificate from
the server will be accepted. |
-ZZ |
Starts TLS before binding to perform
the operation. If an error occurs during the Start TLS operation
the operation is aborted.
If a port is specified with this with this option, it must
accept clear text connections.
To verify server identity, this option should be used in conjunction
with the -e option to specify a server certificate file to validate
the server trusted root certificate when TLS is started. If the
-e option is not specified, any certificate from the server is accepted. |