2.2 ldapdelete

The ldapdelete utility deletes the specified entry. It opens a connection to an LDAP server, binds, and then deletes. It has the following syntax:

    ldapdelete [options] dn ...
 

NOTE: On a NetWare server, the utility is called ldelete.

The dn parameter is a list of distinguished names of the entries to be deleted. It interacts with the -f option in the following ways:

HINT: Output from the LDAP utilities is sent to stdout. If the utility exits before you can view the output, redirect the output to a file, for example, ldapdelete [options] > out.txt.

Replace [options] with one of the following:

Option

Description

-c

Enables continuous operation mode. Errors are reported, but ldapdelete will continue with deletions. The default is to exit after reporting an error.

-f <file>

Reads a series of DNs from the specified file. Each DN should be on its own line.

-r

Deletes recursively.

Common Options

Description

-C

Enables referral following (anonymous bind).

-d <level>

Sets the LDAP debugging level to the specified level. The ldapdelete utility must be compiled with LDAP_DEBUG defined for this option to have any effect.

-D <binddn>

Specifies the dn to use in binding to the LDAP server. The dn should be a string-represented dn as defined in RFC 1779.

-e <file>

Specifies the certificate file to use with an SSL bind.

-E

Use the key file at /etc/opt/novell/certs/SSCert.der for SSL bind.

NOTE: This option works only on Cypress Linux.

-h <host>

Specifies an alternate host on which the LDAP server is running.

-l <limit>

Specifies the connection timeout (in seconds).

-M

Enables the Manage DSA IT control (non-critical).

-MM

Enables the Manage DSA IT control (critical).

-n

Shows what would be done, but doesn’t actually delete entries. Useful for debugging in conjunction with -v (verbose mode).

-p <port>

Specifies an alternate TCP port where the LDAP server is listening.

-P <version>

Specifies the LDAP protocol version: 2 or 3.

-v

Turns on verbose mode, which writes diagnostics to standard output.

-w <passwd>

Specifies the password to use for simple authentication.

-W

Prompts for simple authentication. This is used instead of specifying the password on the command line.

-Z

Starts TLS before binding to perform the operation. If an error occurs during the Start TLS operation, the error is ignored and the operation continues. Use the -ZZ option in place of this option so that the operation aborts if an error occurs.

If a port is specified with this option, it must accept clear text connections.

To verify the server identity, this option should be used in conjunction with the -e option to specify a server certificate file to validate the server trusted root certificate when TLS is started. If the -e option is not specified, any certificate from the server will be accepted.

-ZZ

Starts TLS before binding to perform the operation. If an error occurs during the Start TLS operation, the operation is aborted.

If a port is specified with this option, it must accept clear text connections.

To verify server identity, this option should be used in conjunction with the -e option to specify a server certificate file to validate the server trusted root certificate when TLS is started. If the -e option is not specified, any certificate from the server is accepted.
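
The following is an added example, not part of the original documentation or the vendor's tooling: a shell function that checks an ldapdelete argument list against the option behavior described above (-w versus -W, -Z versus -ZZ, Start TLS without -e, -r without -n, and -c) before the command is run. The function name audit_ldapdelete, the finding labels, and the host, DN and password values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not vendor code): lint an ldapdelete argument list against
# the option semantics documented above. It only inspects arguments; nothing
# is run or deleted. Assumes each option is passed as its own token.

# The body runs in a subshell so the working variables do not leak.
audit_ldapdelete() (
    tls="" cert="" inline_pw="" dry="" recursive="" cont="" skip=""
    for arg in "$@"; do
        # Skip the value that belongs to the previous option (for example
        # the password after -w) so it is never mistaken for a flag.
        if [ -n "$skip" ]; then skip=""; continue; fi
        case "$arg" in
            -ZZ) tls=strict ;;
            -Z)  [ "$tls" = strict ] || tls=lax ;;
            -e)  cert=yes; skip=1 ;;
            -w)  inline_pw=yes; skip=1 ;;
            -n)  dry=yes ;;
            -r)  recursive=yes ;;
            -c)  cont=yes ;;
            -D|-f|-h|-p|-P|-l|-d) skip=1 ;;   # other options that take a value
        esac
    done

    if [ -n "$inline_pw" ]; then
        echo "INLINE_PASSWORD: -w puts the password on the command line; -W prompts instead"
    fi
    if [ "$tls" = lax ]; then
        echo "TLS_ERRORS_IGNORED: -Z continues after a Start TLS error; -ZZ aborts"
    fi
    if [ -n "$tls" ] && [ -z "$cert" ]; then
        echo "ANY_CERT_ACCEPTED: Start TLS without -e accepts any server certificate"
    fi
    # The next two are review prompts chosen for this example, not tool errors.
    if [ -n "$recursive" ] && [ -z "$dry" ]; then
        echo "RECURSIVE_NO_DRY_RUN: preview -r with -n -v before deleting"
    fi
    if [ -n "$cont" ]; then
        echo "CONTINUE_ON_ERROR: -c keeps deleting after errors; review the output"
    fi
)

# Constructed sample invocation; host, DNs and password are placeholders.
audit_ldapdelete -h ldap.example.com -D "cn=admin,o=example" \
    -w "not-a-real-password" -Z -r "ou=old,o=example"
```

An argument list that produces no findings, such as -W -ZZ -e <file> -n -v -r, prints nothing.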