ldapugdel.1m (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

ldapugdel(1M) ldapugdel(1M)

be 389 or 636 for SSL connections (

-Z). Refer to Binding to the Directory Server below

for additional details.

-p port Speciﬁes the port number of the directory server to contact. This option is ignored if the

port number is speciﬁed in the hostname as part of the

-h option. Refer to Binding to

the Directory Server below for additional details.

-t type Speciﬁes the service type of entry to be deleted. The service type can be either

passwd

or group,where:

passwd implies posixAccount-type entries and,

group implies posixGroup-type entries.

If unspeciﬁed,

ldapugdel defaults to passwd

Note: to be consistent with the Name Service Switch (see switch (4)), the term

passwd is

used to represent LDAP user entries which contain POSIX account-related information.

-O[protAttr[,...]]

Do not delete the entire user or group entry. Instead delete only the posixAccount or

posixGroup objectclass and associated attributes.

With the

-t passwd option, ldapugdel will remove the posixAccount objectclass and

the following attributes:

• uidNumber

• gidNumber

• homeDirectory

• loginShell

• gecos

With the

-t group option, ldapugdel will remove the posixGroup objectclass and the

following attributes:

• gidNumber

• memberUid

• userPassword

The protAttr list is of one or more of the above attribute names separated by commas

with no white-space. If speciﬁed,

ldapugdel will not remove the speciﬁed attribute(s).

Special notes for using the

-O option:

• Since mapped attributes are often attributes that are shared with other LDAP-

enabled applications, attribute mapping is not supported with

ldapugdel.

For example, if uidNumber has been mapped to employeeNumber,

ldapugdel will

still attempt to remove the uidNumber attribute and not the employeeNumber attri-

bute.

• Since the uid, cn, and description attributes, for user entries, and the cn and descrip-

tion attributes, for group entries, are commonly used by other objectclasses or as nam-

ing attributes,

ldapugdel will not attempt to remove the uid, cn,ordescription

attributes, unless failure to remove those attributes would cause an objectclass viola-

tion (because the remaining object classes for that entry would not be able to contain

those attributes).

Use of

-x will force removal of those attributes if allowed by the remaining object

classes for that entry.

• Since the userPassword attribute is often used by other user-related objectclasses,

ldapugdel will not attempt to remove the userPassword attribute when removing

user entries.

Use of

-y will override this option, if allowed by the remaining object classes in that

entry.

•

ldapugdel will attempt to remove the posixAccount and posixGroup objectclasses

only if they are present. In some cases, when a user or group entry is built using an

abstract class, the posixAccount and posixGroup entries may not be present in the

entry.

2 Hewlett-Packard Company − 2 − HP-UX 11i v3: June 2010 Web Release