LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS
9.4.1 The ldapentry tool
The ldapentry tool is a script tool that simplifies the task of adding, modifying and deleting
entries in a directory server. It supports the following name services: passwd, group, hosts, rpc,
services, networks, and protocols.
ldapentry accepts run-time options either on the command line, or via environment variables,
which can be defined locally, in the configuration profile or are read in from the configuration
profile. The add and modify functions open an entry into an editor with a predefined template to
aid the user in providing the necessary directory attributes. The template file is customizable and
can be found in /etc/opt/ldapux/ldapentry.templates.
The ldapentry command also accepts options through environment variables, configuration files,
and the LDAP configuration profiles.
Configuration variable
Configuration variables can be defined in the following locations (from most specific to most
general):
1. As shell environment variables
2. In a user rc configuration file (~/.ux_ldap_admin_rc)
3. In a global configuration file (/etc/opt/ldapux/ldapclient.conf)
4. In the LDAP-UX configuration profile (/etc/opt/ldapux/ldapux_profile.ldif)
The order of evaluation is that any settings on more specific locations will overwrite any settings
on more general locations.
Environment variables
The following environment variables can be defined:
LDAP_BINDDN The DN of the LDAP user allowed to add, delete, or modify the entry.
LDAP_BINDCRED The password for the specified LDAP user. It is recommended to not store
the password in any configuration file, the user is prompted for it when
running ldapentry.
LDAP_HOST Host name of LDAP directory server.
LDAP_BASEDN The DN of the search base which tells ldapentry where to start the search
for the entry. In case of adding an entry, LDAP_BASEDN determines the
insert base.
LDAP_SCOPE The scope of LDAP search (sub, one, base). Will default to sub if
LDAP_BASEDN is defined, but LDAP_SCOPE is not. You must define
LDAP_BASEDN, if you define LDAP_SCOPE.
INSERT_BASE This DN tells ldapentry where to insert new entries. This value will default to
LDAP_BASEDN or a default discovered by the configuration profile.
INSERT_BASE is only used when adding entries.
EDITOR The editor to use when an entry is added or modified.
9.4.1.1 Syntax
ldapentry -<a|m|d> [options] <service value | dn>
where
-a Adds a new entry to the directory.
-m Modifies an existing entry in the directory.
-d Deletes an existing entry in the directory.
options
354 Command and tool reference