HP-UX Directory Server 8.1 configuration, command, and file reference

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server

201

202

203

204

205

206

207

208

209

210

• “ldapdelete SASL options” (page 206)

• “Additional ldapdelete options” (page 207)

6.6.1 ldapdelete syntax

ldapdelete [optional_options]

6.6.2 Commonly-used ldapdelete options

Table 6-15 Commonly-used ldapdelete options

DescriptionOption

Specifies the distinguished name with which to authenticate to the server. The value must be a DN

recognized by the Directory Server, and it must also have the authority to delete the entries. For

example:

-D "uid=bjensen, dc=example,dc=com"

For more information on access control, see the "Managing Access Control" chapter in the HP-UX

Directory Server administrator guide. The -D option cannot be used with the -N option.

-D

Specifies the dn of the entry to delete.dn

Specifies that the password policy request control not be sent with the bind request. By default, the

new LDAP password policy request control is sent with bind requests. The ldapdelete tool can

parse and display information from the response control if it is returned by a server; that is, the tool

will print an appropriate error or warning message when a server sends the password policy response

control with the appropriate value. The criticality of the request control is set to false to ensure

that all LDAPv3 servers that do not understand the control can ignore it. To suppress sending of

the request control with the bind request, include -g on the command-line.

-g

Specifies the name of the host on which the server is running. For example:

-h cyclops

The default is localhost.

-h

Specifies the port number that the server uses. The default is 389. If -Z is used, the default is 636.-p

Specifies the password associated with the distinguished name specified in the -D option. For

example:

-w mypassword

The default is "", or anonymous. If a password is not sent on the command line and the server

requires one, the command prompts for one. It is more secure not to provide a password on the

command line so that it does not show up in clear text in a listing of commands.

-w

6.6.3 ldapdelete SSL options

Use the following options to specify that the ldapdelete command use LDAPS when

communicating with the Directory Server or to use certificate-based authentication. These options

are valid only when LDAPS has been turned on and configured for the Directory Server. For

more information on certificate-based authentication and how to create a certificate database for

use with LDAP clients, see the "Managing SSL" and "Managing SASL" chapters in the HP-UX

Directory Server administrator guide.

Ensure that the Directory Server's encrypted port is set when using these options.

Table 6-16 ldapdelete SSL options

DescriptionOption

Specifies that host names should be checked in SSL certificates.

-3

Specifies the SSL key password file that contains the token:password pair.-I

6.6 ldapdelete 205