Red Hat ENTERPRISE LINUX 3 Reference Manual page 221

Chapter 13. Lightweight Directory Access Protocol (LDAP)
There are two servers contained in the
LDAP Daemon (
/usr/sbin/slapd
(
/usr/sbin/slurpd
The daemon is the standalone LDAP server while the
slapd
changes from one LDAP server to other LDAP servers on the network. The
used when dealing with multiple LDAP servers.
To perform administrative tasks, the
the directory:
/usr/sbin/
— Adds entries from an LDIF file to an LDAP directory. For example, the command
• slapadd
/usr/sbin/slapadd -l ldif-input
entries.
— Pulls entries out of an LDAP directory in the default format, Berkeley DB, and saves
• slapcat
them in an LDIF file. For example, the command
puts an LDIF file called
mand works for directories created under Red Hat Enterprise Linux 3 and Red Hat Linux 9.
— Pulls entries out of an LDAP directory in the gdbm format (the default in earlier
• slapcat-gdbm
versions of OpenLDAP) and saves them in an LDIF file. This command is provided solely as a
means for migrating a directory from OpenLDAP implemented under Red Hat Enterprise Linux
2.1 and Red Hat Linux versions 7.x through 8. Refer to Section 13.8 Migrating Directories from
Earlier Releases for information on how to use this command.
— Re-indexes the
• slapindex
run whenever indexing options within
— Generates an encrypted user password value for use with
• slappasswd
value in the
rootpw
/usr/sbin/slappasswd
Warning
Be sure to stop
. Otherwise, the integrity of the LDAP directory is at risk.
slapindex
For more information about how to use these utilities, refer to their respective man pages.
The
openldap-clients
delete entries in an LDAP directory. These tools include the following:
— Adds entries to an LDAP directory by accepting input via a file or standard input;
• ldapadd
is actually a hard link to
ldapadd
— Deletes entries from an LDAP directory by accepting input via user input at a shell
•
ldapdelete
prompt or via a file.
— Modifies entries in an LDAP directory, accepting input via a file or standard input.
•
ldapmodify
— Sets the password for an LDAP user.
• ldappasswd
— Searches for entries in an LDAP directory using a shell prompt.
• ldapsearch
With the exception of
containing the changes to be made rather than typing a command for each entry to be changed within
an LDAP directory. The format of such a file is outlined in the man page for each utility.
) and the Standalone LDAP Update Replication Daemon
).
openldap-servers
ldif-output
slapd
/etc/openldap/slapd.conf
configuration file,
slapd
command to create the password.
by issuing
slapd /sbin/service ldap stop
package installs tools into
ldapmodify -a
, each of these utilities is more easily used by referencing a file
ldapsearch
openldap-servers
slurpd
package installs the following utilities into
reads in the LDIF file,
/usr/sbin/slapcat -l ldif-output
containing the entries from the LDAP directory. This com-
directory based on the current content. This tool should be
/etc/openldap/slapd.conf
/usr/bin/
.
package: the Standalone
daemon is used to synchronize
daemon is only
slurpd
, containing the new
ldif-input
are changed.
ldapmodify
before using
slapadd
which are used to add, modify, and
203
out-
or the
. Execute the
, or
slapcat