HostedDB - Dedicated UNIX Servers
Securing-Optimizing-RH-Linux-1_2_326
Comments and suggestions concerning this book should be mailed to gmourani@videotron.ca © Copyright 1999-2000 Gerhard Mourani and Open Network Architecture ® 326 Step 2 Once the file “newentry” have been created, we must add the entry in the LDAP directory server. · To actually create the entry on-line in the backend database, use the following command: [root@deep /]# ldapadd -f /tmp/newentry -D "cn=admin, o=openarch, c=com" -W Enter LDAP Password : The above command assumes that you have set rootdn to "cn=admin, o=openarch, c=com" and rootpw to "secret". You will be prompted to enter the password. NOTE: It is important to note that the “slapd” daemon of LDAP is started in this mode of creation. ldapmodify Contrarily to relational databases where data are constantly changed, directory server contains information that is rarely modified once inserted. But some time you need to modify information and the “ldapmodify” tool will help you in your tasks. The “ldapmodify” command allows you to adds or modifies entries on the backend directory server. Assuming that we want to replace the contents of the “Europe Mourani” entry’s mail attribute with the new value “emourani@new.com”, the following steps will be require: Step 1 Create the modifyentry file (touch /tmp/modifyentry) and add in this file the contents: cn=Europe Mourani, o=openarch, c=com - mail=emourani@old.com # will delete the old mail address for Europe Mourani in the database. +mail=emourani@new.com # will add the new mail address for Europe Mourani in the database. Step 2 Once the “modifyentry” file have been created, we must replace the entry in the LDAP directory server with the one contained in this file (modifyentry). · To modify the contents of backend database, use the following command: [root@deep /]# ladpmodify -D ‘cn=Admin, o=openarch, c=com’ -W  -f <inputfile> [root@deep /]# ladpmodify -D ‘cn=Admin, o=openarch, c=com’ -W  -f modifyentry Where <inputfile> is the name of the file “modifyentry” we have created in step 1 above. OpenLDAP Users Tools Search on LDAP directory server for entries The ldapsearch utility search through the backend database of LDAP directory for information you have requested. · To search on LDAP directory for entries, use the following command: [root@deep /]# ldapsearch -b ‘dn’ ‘attrs’ [root@deep /]# ldapsearch -b ‘o=openarch, c=com’ ‘cn=europe*’ cn=Europe Mourani, o=openarch, c=com cn=Europe Mourani sn=Mourani mail=emourani@old.com  description=Marketing relation objectClass=person