2.4 ldapmodrdn

The ldapmodrdn modifies the relative distinguished name of an entry. It can also move the entry to a new container. It has the following syntax

 ldapmodrdn [options] [-s newSuperior] [dn newrdn]

Dn is a full LDAP dn. Newrdn is a new relative distinguished name.

If given, newrdn will replace the RDN of the entry specified by DN. If not given, the list of modification is read from stdin or from the file specified by "-f file".

NOTE:On a NetWare server, the utility is called lmodrdn dn <newrdn>).

HINT:Output from the ldap utilities is sent to stdout. If the utility exits before you can view the output, redirect the output to a file, for example, ldapmodrdn [options] > out.txt.

The following table describes these options and parameters.

Option

Description

-c

Enables continuous operation mode. Errors are reported, but ldapmodrdn will continue with modifications. The default is to exit after reporting an error.

-f <file>

Performs the sequences of modifications listed in the specified file.

Each record consists of the distinguished name followed by the new rdn attribute on the following line.

For example: dn1 rdn1 dn2 rdn2 Blank lines are ignored.

This option cannot be used with the dn <newrdn> option.

-r

Specifies to remove the old rdn value from the entry. If not specified, defaults to keeping the old value.

-s <newSuperior>

Specifies the distinguished name of the container to which the entry is moving.

Common Options

Description

-C

Enable referral following. (anonymous bind)

-d <level>

Sets the LDAP debugging level to the specified level.

-D <binddn>

Specifies the dn of the entry to use in a bind operation.

-e <file>

Specifies the certificate file to use with an SSL bind.

-E

Use the key file at /etc/opt/novell/certs/SSCert.der for SSL bind.

NOTE:This option works only on Cypress Linux.

-h <host>

Specifies an alternate host on which the LDAP server is running.

-l <limit>

Specifies the connection timeout (in seconds).

-M

enable Manage DSA IT control. (non-critical)

-MM

enable Manage DSA IT control. (critical)

-n

Shows what would be done, but doesn't actually rename the entry.

-p <port>

Specifies an alternate TCP on which the LDAP server is listening.

-P <version>

Specifies the LDAP version (2 or 3).

-v

Turns on verbose mode (sends diagnostics to standard output).

-w <passwd>

Specifies the password to use for simple authentication.

-W

Prompts the user for the password for bind operations.

-Z

Starts TLS before binding to perform the operation. If an error occurs during the Start TLS operation the error is ignored and the operation continues. It is recommended that the -ZZ option be used in place of this option to cause the operation to abort if an error occurs.

If a port is specified with this with this option, it must accept clear text connections.

To verify the server identity, this option should be used in conjunction with the -e option to specify a server certificate file to validate the server trusted root certificate when TLS is started. If the -e option is not specified, any certificate from the server will be accepted.

-ZZ

Starts TLS before binding to perform the operation. If an error occurs during the Start TLS operation the operation is aborted.

If a port is specified with this with this option, it must accept clear text connections.

To verify server identity, this option should be used in conjunction with the -e option to specify a server certificate file to validate the server trusted root certificate when TLS is started. If the -e option is not specified, any certificate from the server is accepted.