I use the command line a lot when interfacing with OpenDJ. One issue I often run into is that the BindDN user’s password has an “!” (bang) in it. As this is a special character on the Unix/Linux command line, it will typically cause unexpected results.
With ldapsearch you can just leave the password parameter off and you will be prompted to provide the password. I have found that this is not the case with ldapmodify and ldapdelete. So, this can be problematic when trying to delete a user’s record.
Another work-around is to set up a tools.properties file in your user’s home directory. So, if you typically run these commands as a user named “opendj” then you would create the following file, in the opendj user’s home directory:
~/.opendj/tools.properties
hostname=directory.example.com
port=1389
bindDN=uid=kvaughn,ou=People,dc=example,dc=com
ldapcompare.port=1389
ldapdelete.port=1389
ldapmodify.port=1389
ldappasswordmodify.port=1389
ldapsearch.port=1389
So, then to delete a user:
Create an LDIF file containing the user’s DN and the change type:
ex. vi deluser.ldif
dn: uid=newuser,ou=People,dc=example,dc=com
changetype: delete
Then run the ldapmodify command:
$ ldapmodify -p 1389 -f deluser.ldif
You will be prompted for the password, which you can type in without worrying about any conflicts with the OS command line.
Both OpenDJ ldapsearch and ldapmodify do accept -w -, which will trigger a prompt for the password.
Alternately, you can use -j so that the password is read from a file that you can store and protect on your disk.
Great suggestions! Thanks Ludo!
Also you should consider quoting & properly escaping strings when used on the command line.
-w '!password'
Great idea Brian. Thanks!
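The -j suggestion from the comments above, worked through for a password containing "!". This is an added example, not code from the post or its commenters; the function names and file locations are assumptions, and hostname and bindDN are expected to come from ~/.opendj/tools.properties as in the post.

```shell
#!/bin/sh
# Added example (function names are assumptions, not OpenDJ names).
# Keeps a bind password containing "!" out of shell history and off the
# ldapmodify command line by storing it in an owner-only file for -j.

# Read one line from stdin and store it in "$1" with mode 0600.
write_bind_pw_file() {
    pwfile=$1
    if [ -t 0 ]; then                      # interactive: prompt without echo
        printf 'Bind password: ' >&2
        stty -echo
        if IFS= read -r pw; then rc=0; else rc=1; fi
        stty echo; printf '\n' >&2
        [ "$rc" -eq 0 ] || return 1
    else                                   # piped input, e.g. from a secret store
        IFS= read -r pw || [ -n "$pw" ] || return 1
    fi
    # umask 077 makes a new file owner-only; no trailing newline is added.
    ( umask 077 && printf '%s' "$pw" > "$pwfile" ) || return 1
    chmod 600 "$pwfile"                    # tighten a pre-existing file too
}

# True only for a regular file that is read/write for its owner and nobody else.
bind_pw_file_is_private() {
    [ -f "$1" ] && [ "$(ls -ld "$1" | cut -c1-10)" = "-rw-------" ]
}

# Print the LDIF that deletes one entry (same shape as deluser.ldif above).
delete_ldif() {
    printf 'dn: %s\nchangetype: delete\n' "$1"
}

# Delete an entry; refuse to run if the password file is readable by others.
delete_entry() {
    dn=$1 pwfile=$2
    bind_pw_file_is_private "$pwfile" || { echo "insecure: $pwfile" >&2; return 1; }
    ldif=$(mktemp) || return 1
    delete_ldif "$dn" > "$ldif"
    ldapmodify -p 1389 -j "$pwfile" -f "$ldif" && rc=0 || rc=$?
    rm -f "$ldif"
    return "$rc"
}

# Usage (constructed values):
#   write_bind_pw_file "$HOME/.opendj/bind.pw"
#   delete_entry 'uid=newuser,ou=People,dc=example,dc=com' "$HOME/.opendj/bind.pw"
```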
Ludo,
By any chance, do you know how to change the hostname for an OpenDJ LDAP server?
I have been googling and have not found any solution yet.
I want to change an existing one and move it into a different IP subnet.
Thanks,
Yoom
I am not sure that Ludo will see your question here but the chapter you are looking for is here.
https://backstage.forgerock.com/#!/docs/opendj/2.6/admin-guide/chap-mv-servers