Table 6.15. commonly-used ldapdelete options, Ssl options – Red Hat 8.1 User Manual

Table 6.15. Commonly-Used ldapdelete Options

Option

Description

-D

Specifies the distinguished name with which to
authenticate to the server. The value must be a
DN recognized by the Directory Server, and it
must also have the authority to delete the entries.
For example:

-D "uid=bjensen, dc=example,dc=com"

For more information on access control, see the
"Managing Access Control" chapter in the
Directory Server Administrator's Guide. The -D
option cannot be used with the -N option.

dn

Specifies the dn of the entry to delete.

-g

Specifies that the password policy request control
not be sent with the bind request. By default, the
new LDAP password policy request control is
sent with bind requests. The ldapdelete tool
can parse and display information from the
response control if it is returned by a server; that
is, the tool will print an appropriate error or
warning message when a server sends the
password policy response control with the
appropriate value. The criticality of the request
control is set to false to ensure that all LDAPv3
servers that do not understand the control can
ignore it. To suppress sending of the request
control with the bind request, include -g on the
command-line.

-h

Specifies the name of the host on which the
server is running. For example:

-h cyclops

The default is localhost.

-p

Specifies the port number that the server uses.
The default is 389. If -Z is used, the default is
636.

-w

Specifies the password associated with the
distinguished name specified in the -D option. For
example:

-w mypassword

The default is "", or anonymous. If a password is
not sent on the command line and the server
requires one, the command prompts for one. It is
more secure not to provide a password on the
command line so that it does not show up in clear
text in a listing of commands.

SSL Options

Use the following options to specify that ldapdelete use LDAPS when communicating with the
Directory Server or to use certificate-based authentication. These options are valid only when LDAPS
has been turned on and configured for the Directory Server. For more information on certificate-based
authentication and how to create a certificate database for use with LDAP clients, see the "Managing
SSL" and "Managing SASL" chapters in the Directory Server Administrator's Guide.

Ensure that the Directory Server's encrypted port is set when using these options.

Red Hat Directory Server 8.1 Configuration and Command Reference

195