ldapdelete man page on OpenDarwin

Man page or keyword search:  
man Server   3202 pages
apropos Keyword Search (all sections)
Output format
OpenDarwin logo
[printable version]


       ldapdelete - LDAP delete entry tool

       ldapdelete  [-n]	 [-v] [-k] [-K] [-c] [-M[M]] [-d debuglevel] [-f file]
       [-D binddn] [-W] [-w passwd] [-y passwdfile] [-H ldapuri] [-h ldaphost]
       [-P 2|3] [-p ldapport] [-O security-properties] [-U authcid] [-R realm]
       [-x] [-I] [-Q] [-X authzid] [-Y mech] [-Z[Z]] [dn]...

       ldapdelete  is  a  shell-accessible  interface  to  the	ldap_delete(3)
       library call.

       ldapdelete opens a connection to an LDAP server, binds, and deletes one
       or more entries.	 If one or more DN  arguments  are  provided,  entries
       with those Distinguished Names are deleted.  Each DN should be provided
       using the LDAPv3 string representation as defined in RFC 2253.	If  no
       dn  arguments  are  provided, a list of DNs is read from standard input
       (or from file if the -f flag is used).

       -n     Show what would be done,	but  don't  actually  delete  entries.
	      Useful for debugging in conjunction with -v.

       -v     Use verbose mode, with many diagnostics written to standard out‐

       -k     Use Kerberos IV authentication instead of simple authentication.
	      It  is  assumed  that  you  already have a valid ticket granting
	      ticket. This option only has effect if  ldapdelete  is  compiled
	      with Kerberos support.

       -K     Same  as -k, but only does step 1 of the Kerberos IV bind.  This
	      is  useful  when	connecting  to	a  slapd  and  there   is   no
	      x500dsa.hostname	principal registered with your Kerberos Domain

       -c     Continuous  operation  mode.   Errors    are    reported,	   but
	      ldapdelete  will	continue  with	deletions.   The default is to
	      exit after reporting an error.

       -M[M]  Enable manage DSA IT control.  -MM makes control critical.

       -d debuglevel
	      Set the LDAP debugging level to debuglevel.  ldapdelete must  be
	      compiled	with  LDAP_DEBUG  defined  for this option to have any

       -f file
	      Read a series of DNs from file, one per line, performing an LDAP
	      delete for each.

       -x     Use simple authentication instead of SASL.

       -D binddn
	      Use the Distinguished Name binddn to bind to the LDAP directory.

       -W     Prompt for simple authentication.	 This is used instead of spec‐
	      ifying the password on the command line.

       -w passwd
	      Use passwd as the password for simple authentication.

       -y passwdfile
	      Use complete contents of passwdfile as the password  for	simple

       -H ldapuri
	      Specify URI(s) referring to the ldap server(s).

       -h ldaphost
	      Specify  an  alternate host on which the ldap server is running.
	      Deprecated in favor of -H.

       -p ldapport
	      Specify an alternate TCP port where the ldap server  is  listen‐
	      ing.  Deprecated in favor of -H.

       -P 2|3 Specify the LDAP protocol version to use.

       -r     Do  a  recursive	delete.	 If the DN specified isn't a leaf, its
	      children, and all their children are deleted down the tree.   No
	      verification is done, so if you add this switch, ldapdelete will
	      happily delete large portions of your tree.  Use with care.

       -O security-properties
	      Specify SASL security properties.

       -I     Enable SASL Interactive mode.  Always  prompt.   Default	is  to
	      prompt only as needed.

       -Q     Enable SASL Quiet mode.  Never prompt.

       -U authcid
	      Specify  the  authentication  ID	for SASL bind. The form of the
	      identity depends on the actual SASL mechanism used.

       -R realm
	      Specify the realm of authentication ID for SASL bind.  The  form
	      of the realm depends on the actual SASL mechanism used.

       -X authzid
	      Specify  the proxy authorization ID for SASL bind.  authzid must
	      be one of the  following	formats:  dn:<distinguished  name>  or

       -Y mech
	      Specify  the  SASL  mechanism  to be used for authentication. If
	      it's not specified, the program will choose the  best  mechanism
	      the server knows.

       -Z[Z]  Issue StartTLS (Transport Layer Security) extended operation. If
	      you use -ZZ, the command will require the operation to  be  suc‐

       The following command:

	   ldapdelete "cn=Delete Me,dc=example,dc=com"

       will   attempt	to  delete  the	 entry	named  "cn=Delete  Me,dc=exam‐
       ple,dc=com".  Of course	it  would  probably  be	 necessary  to	supply
       authentication credentials.

       Exit  status is 0 if no errors occur.  Errors result in a non-zero exit
       status and a diagnostic message being written to standard error.

       ldap.conf(5), ldapadd(1), ldapmodify(1), ldapmodrdn(1),	ldapsearch(1),
       ldap(3), ldap_delete(3)

       The OpenLDAP Project <http://www.openldap.org/>

       OpenLDAP	  is   developed   and	maintained  by	The  OpenLDAP  Project
       (http://www.openldap.org/).  OpenLDAP is	 derived  from	University  of
       Michigan LDAP 3.3 Release.


List of man pages available for OpenDarwin

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net