Deleting records – RSA Security 6.1 User Manual

Using the LDAP Configuration Interface

September 2005

changetype: add. Once your editing is complete, run an ldapmodify -f command that references the new LDIF file. When the ldapmodify command finishes processing, your new database is populated with the records you extracted from the old database.

Deleting Records

You can use the ldapdelete command to remove records from the LDAP database. For example, to delete entries named PROFILE1 through PROFILE5, you would create a file called deletexample.ldf:

radiusname=PROFILE1,radiusclass=Profile,o=radius
radiusname=PROFILE2,radiusclass=Profile,o=radius
radiusname=PROFILE3,radiusclass=Profile,o=radius
radiusname=PROFILE4,radiusclass=Profile,o=radius
radiusname=PROFILE5,radiusclass=Profile,o=radius

You would then pass this file to the command as follows:

ldapdelete -V2 -h hostname -p 667 -D"cn=admin,o=radius"
-w password -f deletexample.ldf

Warning: Verify that the dn: values that usually appear in these entries are not a part of the entries in your file, because this causes the command to fail.

You can use ldapdelete to remove records from the LDAP database without supplying a file. For example, to delete the profile record identified as PROFILE1, you would enter the following:

ldapdelete -V2 -h hostname -p 667 -D"cn=admin,o=radius"
-w password
"radiusname=PROFILE1,radiusclass=profile,o=radius"

You can delete records with the ldapmodify command if the entries in the text file contain the line changetype: delete. Consider the following sample LDIF file, named deletemodify.ldf:

dn: radiusname=PROFILE2,radiusclass=Profile,o=radius
changetype: delete

dn: radiusname=PROFILE3,radiusclass=Profile,o=radius
changetype: delete

dn: radiusname=PROFILE4,radiusclass=Profile,o=radius
changetype: delete
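
The ldapdelete file and the ldapmodify file differ only in the dn: prefix and the changetype: delete line, and a mix-up is easy to make before a delete that cannot be undone. The following shell functions are an added example, not part of the RSA manual: they check a bare-DN list before it goes to ldapdelete -f and convert it to the ldapmodify form. The function names and the rule that every record sits under o=radius are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the RSA manual: pre-flight checks for the delete files.
# Assumption: every record to delete sits under the o=radius suffix used above.
SUFFIX=',o=radius'

# check_delete_list FILE (hypothetical helper)
# Returns 0 only if FILE holds one bare DN per line, each under $SUFFIX, with no
# "dn:" prefix (the manual warns that the prefix makes ldapdelete -f fail).
check_delete_list() {
    rc=0 n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in
            '')          echo "line $n: blank line" >&2; rc=1 ;;
            [Dd][Nn]:*)  echo "line $n: remove the dn: prefix" >&2; rc=1 ;;
            *=*"$SUFFIX") ;;  # attribute=value ending in the expected suffix
            *)           echo "line $n: not a DN under o=radius" >&2; rc=1 ;;
        esac
    done < "$1"
    [ "$n" -gt 0 ] || { echo "no entries in $1" >&2; rc=1; }
    return "$rc"
}

# dnlist_to_ldif FILE (hypothetical helper)
# Prints the same deletions in the form ldapmodify reads: a dn: line, then
# "changetype: delete", then a blank line to separate the records.
dnlist_to_ldif() {
    check_delete_list "$1" || return 1
    while IFS= read -r line || [ -n "$line" ]; do
        printf 'dn: %s\nchangetype: delete\n\n' "$line"
    done < "$1"
}

# Constructed sample input: the five profile DNs from the manual's example.
sample=$(mktemp)
for i in 1 2 3 4 5; do
    echo "radiusname=PROFILE$i,radiusclass=Profile,o=radius"
done > "$sample"
check_delete_list "$sample" && echo "delete list OK"
dnlist_to_ldif "$sample"
rm -f "$sample"
```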
