LDAP Command Line Cheat #OpenDJ

I use the command line a lot when interfacing with OpenDJ. One of the issues with this is that I often run into an issue with the BindDN user’s password has an “!” (bang) in it. As this is a special character in Unix/Linux command line, it will typically cause unexpected results.

With ldapsearch you can just leave the password parameter off and you will be prompted to provide the password. I have found that this is not the case with ldapmodify and ldapdelete. So, this can be problematic when trying to delete a user’s record.

Another work-around is to set up a tools.properties file in your user’s home directory. So, if you typically run these commands as a user named “opendj” then you would create the following file, in the opendj user’s home directory:


So, then to delete a user:

Create an ldif file containing the user’s DN and the change type:

ex. vi deleuser.ldif
dn: uid=newuser,ou=People,dc=example,dc=com
changetype: delete

Then run the ldapmodify command:

$ldapmodify -p 1389 -f deluser.ldif

You will be prompted for the password which you can type in and not worry about any conflicts with the OS command line.

7 thoughts on “LDAP Command Line Cheat #OpenDJ

  1. Ludo says:

    Both OpenDJ ldapsearch and ldapmodify do accept -w – which will trigger the password to be prompted.
    Alternately, you can use -j so that the password is read from a file, that you can store and protect on your disk.

    1. bradtumy says:

      Great suggestions! Thanks Ludo!

  2. Brian says:

    Also you should consider quoting & properly escaping strings when used on the command line.

    -w ‘!password’

    1. Brad Tumy says:

      Great idea Brian. Thanks!

  3. yoom says:


    By any change you know how to change the hostname for an OpenDJ LDAP server?
    I have been google and have not find any solution yet.

    Want to change an existing and move it into a different IP subnet.


    1. Brad Tumy says:

      I am not sure that Ludo will see your question here but the chapter you are looking for is here.

Leave a Reply

Your email address will not be published. Required fields are marked *

Next article

ForgeRock Docs and Alfred