RH423-4 LDAP的功能模型二

 四、对目录进行删除、添加entry

1、删除：ldapdelete      

#在删除的时候需要的是DN的信息，所以最好先导出所要删除的条目

 

方法一:

[root@station2 ~]# ldapsearch -x "uid=zhangsan123"|grep dn

dn: uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com

 

[root@station2 ~]# ldapdelete -x "uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com" -W

Enter LDAP Password:

 

方法二：

[root@station2 ~]# ldapsearch -x "uid=zhangsan123"|grep dn >delzhangsan.ldif

 

[root@station2 ~]# vi delzhangsan.ldif

uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com

 

[root@station2 ~]# ldapdelete -x -f delzhangsan.ldif -W

Enter LDAP Password:

 

#这里一定要加入-W 因为默认的用户没有删除他人的权限， 则一定要用管理员。也可以使用-r将整个子树删掉。

 

2、添加：ldapadd

[root@station2 ~]# vi zhangsan.ldif

dn: uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com

cn: zhangsam 123

sn: zhang

givenName: Emanuel

objectClass: top

objectClass: person

objectClass: organizationalPerson

objectClass: inetOrgPerson

ou: Product Testing

ou: People

l: Santa Clara

uid: zhangsan123

mail: zhangsan@example.com

telephoneNumber: +1 408 555 0933

facsimileTelephoneNumber: +1 408 555 9752

roomNumber: 3906

manager: uid=jwalker, ou=People, dc=station2,dc=example,dc=com

 

[root@station2 ~]# ldapadd -x -c -f zhangsan.ldif -W

Enter LDAP Password:

adding new entry "uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com"

 

2、修改一个已经存在的rdn的名字

[root@station2 ~]# ldapsearch -x "uid=zhangsan123" -LLL

dn: uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com

cn: zhangsam 123

sn: zhang

givenName: Emanuel

objectClass: top

objectClass: person

objectClass: organizationalPerson

objectClass: inetOrgPerson

ou: Product Testing

ou: People

l: Santa Clara

uid: zhangsan123

mail: zhangsan@example.com

telephoneNumber: +1 408 555 0933

facsimileTelephoneNumber: +1 408 555 9752

roomNumber: 3906

manager: uid=jwalker, ou=People, dc=station2,dc=example,dc=com

 

[root@station2 ~]# vi modrdn.ldif

uid=zhangsan123,ou=People,dc=station2,dc=example,dc=com

uid=zhangsan

 

[root@station2 ~]# ldapmodrdn -x -f modrdn.ldif -W

Enter LDAP Password:

 

[root@station2 ~]# ldapsearch -x "uid=zhangsan123" -LLL

dn: uid=zhangsan,ou=People,dc=station2,dc=example,dc=com

cn: zhangsam 123

sn: zhang

givenName: Emanuel

objectClass: top

objectClass: person

objectClass: organizationalPerson

objectClass: inetOrgPerson

ou: Product Testing

ou: People

l: Santa Clara

uid: zhangsan123

uid: zhangsan

mail: zhangsan@example.com

telephoneNumber: +1 408 555 0933

facsimileTelephoneNumber: +1 408 555 9752

roomNumber: 3906

manager: uid=jwalker, ou=People, dc=station2,dc=example,dc=com

#多出uid： zhangsan 一行，则说明已经修改rdn了

 

4、利用ldapmodify修改LDAP的条目的属性

l  添加add：changetype: modify

add: attributes

              Attributes: newvalue

如：

[root@station2 ~]# vi modif.ldif

dn: uid=zhangsan,ou=People,dc=station2,dc=example,dc=com

changetype: modify

add: mail

mail: zhangsan@example.com

 

[root@station2 ~]# ldapmodify -x -f modif.ldif -W

Enter LDAP Password:

modifying entry "uid=zhangsan,ou=People,dc=station2,dc=example,dc=com"

 

l  删除delete：changetype: modify

             delete: attribute

             attribute: value

 如：

[root@station2 ~]# vi modif.ldif

dn: uid=zhangsan,ou=People,dc=station2,dc=example,dc=com

changetype: modify

delete: mail

mail: zhangsan@example.com

 

[root@station2 ~]# ldapmodify -x -f modif.ldif -W      

Enter LDAP Password:

modifying entry "uid=zhangsan,ou=People,dc=station2,dc=example,dc=com"

 

l  替换replace：changetype: modify

                  replace: attribute

                  attribute: newvalue

如：

[root@station2 ~]# vi modif.ldif                

dn: uid=zhangsan,ou=People,dc=station2,dc=example,dc=com

changetype: modify

replace: mail

mail: zhangsan123@example.com

 

 [root@station2 ~]# ldapmodify -x -f modif.ldif -W

Enter LDAP Password:

modifying entry "uid=zhangsan,ou=People,dc=station2,dc=example,dc=com"

本文转自netsword 51CTO博客，原文链接:http://blog.51cto.com/netsword/541776