四、对目录进行删除、添加entry
1、删除:ldapdelete
#在删除的时候需要的是DN的信息,所以最好先导出所要删除的条目
方法一:
[root@station2 ~]# ldapsearch -x "uid=zhangsan123"|grep dn
|
|
dn: uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com
[root@station2 ~]# ldapdelete -x "uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com" -W
Enter LDAP Password:
方法二:
[root@station2 ~]# ldapsearch -x "uid=zhangsan123"|grep dn >delzhangsan.ldif
[root@station2 ~]# vi delzhangsan.ldif
uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com
[root@station2 ~]# ldapdelete -x -f delzhangsan.ldif -W
Enter LDAP Password:
#这里一定要加入-W 因为默认的用户没有删除他人的权限, 则一定要用管理员。也可以使用-r将整个子树删掉。
2、添加:ldapadd
[root@station2 ~]# vi zhangsan.ldif
dn: uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com
cn: zhangsam 123
sn: zhang
givenName: Emanuel
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
ou: Product Testing
ou: People
l: Santa Clara
uid: zhangsan123
mail: [email protected]
telephoneNumber: +1 408 555 0933
facsimileTelephoneNumber: +1 408 555 9752
roomNumber: 3906
manager: uid=jwalker, ou=People, dc=station2,dc=example,dc=com
[root@station2 ~]# ldapadd -x -c -f zhangsan.ldif -W
Enter LDAP Password:
adding new entry "uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com"
2、修改一个已经存在的rdn的名字
[root@station2 ~]# ldapsearch -x "uid=zhangsan123" -LLL
dn: uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com
cn: zhangsam 123
sn: zhang
givenName: Emanuel
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
ou: Product Testing
ou: People
l: Santa Clara
uid: zhangsan123
mail: [email protected]
telephoneNumber: +1 408 555 0933
facsimileTelephoneNumber: +1 408 555 9752
roomNumber: 3906
manager: uid=jwalker, ou=People, dc=station2,dc=example,dc=com
[root@station2 ~]# vi modrdn.ldif
uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com
uid=zhangsan
[root@station2 ~]# ldapmodrdn -x -f modrdn.ldif -W
Enter LDAP Password:
[root@station2 ~]# ldapsearch -x "uid=zhangsan123" -LLL
dn: uid=zhangsan,ou=People,dc=station2,dc=example,dc=com
cn: zhangsam 123
sn: zhang
givenName: Emanuel
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
ou: Product Testing
ou: People
l: Santa Clara
uid: zhangsan123
uid: zhangsan
mail: [email protected]
telephoneNumber: +1 408 555 0933
facsimileTelephoneNumber: +1 408 555 9752
roomNumber: 3906
manager: uid=jwalker, ou=People, dc=station2,dc=example,dc=com
#多出uid: zhangsan 一行,则说明已经修改rdn了
4、利用ldapmodify修改LDAP的条目的属性
l 添加add:changetype: modify
add: attributes
Attributes: newvalue
如:
[root@station2 ~]# vi modif.ldif
dn: uid=zhangsan,ou=People,dc=station2,dc=example,dc=com
changetype: modify
add: mail
mail: [email protected]
[root@station2 ~]# ldapmodify -x -f modif.ldif -W
Enter LDAP Password:
modifying entry "uid=zhangsan,ou=People,dc=station2,dc=example,dc=com"
l 删除delete:changetype: modify
delete: attribute
attribute: value
如:
[root@station2 ~]# vi modif.ldif
dn: uid=zhangsan,ou=People,dc=station2,dc=example,dc=com
changetype: modify
delete: mail
mail: [email protected]
[root@station2 ~]# ldapmodify -x -f modif.ldif -W
Enter LDAP Password:
modifying entry "uid=zhangsan,ou=People,dc=station2,dc=example,dc=com"
l 替换replace:changetype: modify
replace: attribute
attribute: newvalue
如:
[root@station2 ~]# vi modif.ldif
dn: uid=zhangsan,ou=People,dc=station2,dc=example,dc=com
changetype: modify
replace: mail
mail: [email protected]
[root@station2 ~]# ldapmodify -x -f modif.ldif -W
Enter LDAP Password:
modifying entry "uid=zhangsan,ou=People,dc=station2,dc=example,dc=com"
原文出自: http://www.linuxidc.com/Linux/2011-04/34566.htm