HP-UX Directory Server 8.1 configuration, command, and file reference

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server

191

192

193

194

195

196

197

198

199

200

Table 6-3 Commonly-used ldapsearch options (continued)

DescriptionOption

Specifies that the search results are sorted on the server rather than on the client. This is useful to

sort according to a matching rule, as with an international search. In general, it is faster to sort on

the server rather than on the client.

-x

Specifies the maximum number of entries to return in response to a search request. For example:

-z 1000

Normally, regardless of the value specified here, the ldapsearch utility never returns more entries

than the number allowed by the server's nsslapd-sizelimit attribute, unless the authenticated

user is the Directory Manager. However, this limitation can be overridden by binding as the root

DN when using this command-line argument. This is because binding as the root DN causes this

option to default to zero (0). The default value for the nsslapd-sizelimit attribute is 2000

entries. See “nsslapd-sizelimit (Size limit)” for more information.

-z

6.4.3 Persistent search options

A persistent search leaves the search operation open after the initial search results are returned.

This allows the entries returned in the search to remain in cache and updates to be transmitted

and included as they occur. Persistent searches leave the ldapsearch open until the client closes

the connection. Using persistent searches is described in the "Finding directory entries" appendix

of the HP-UX Directory Server administrator guide.

# ldapsearch -r -C PS:changetype[:changesonly[:entrychgcontrols]]\ -b dc=example,dc=com objectclass=*

In the access logs, a persistent search is identifies with the tag options=persistent.

Table 6-4 Persistent search options

DescriptionOption

Runs the ldapsearch utility as a persistent search.

-C

Prints all the output from the ldapsearch command from the buffer immediately. This is

useful with the -C for persistent searches because it prints any entry modifications without

delay and without the search hanging. It can also be used with other searches (using the

ldapsearch utility), not only persistent searches.

-r

Specifies which types of changes to entries allow the entry to be returned in the persistent

search. There options are:

• add

• delete

• modify

• moddn (modRDN)

• all

PS:changetype

Sets whether to return all existing entries which match the search filter (0) or only to return

matching entries when the entry is modified (1). The default is 1

changesonly

Sets whether to send entry change controls, additional information about the modification

made to the entry. If the value is set to 0, then only the entry is returned. If the value is set to

1, then a line is added to the entry as it is returned to the persistent search that lists the

changeType performed on the entry. The default is 1.

entrychgcontrols

6.4.4 ldapsearch SSL options

The following command-line options can be used to specify that ldapsearch utility use LDAPS

when communicating with an SSL-enabled Directory Server or used for certificate-based

authentication. These options are valid only when LDAPS has been turned on and configured

for the Directory Server. For information on certificate-based authentication and creating a

certificate database for use with LDAP clients, see the "Managing SSL" chapter in the HP-UX

Directory Server administrator guide.

192 Command-line utilities