I use the command line a lot when interfacing with OpenDJ. One of the issues with this is that I often run into an issue with the BindDN user’s password has an “!” (bang) in it. As this is a special character in Unix/Linux command line, it will typically cause unexpected results.
With ldapsearch you can just leave the password parameter off and you will be prompted to provide the password. I have found that this is not the case with ldapmodify and ldapdelete. So, this can be problematic when trying to delete a user’s record.
Another work-around is to set up a tools.properties file in your user’s home directory. So, if you typically run these commands as a user named “opendj” then you would create the following file, in the opendj user’s home directory:
So, then to delete a user:
Create an ldif file containing the user’s DN and the change type:
ex. vi deleuser.ldif
Then run the ldapmodify command:
$ldapmodify -p 1389 -f deluser.ldif
You will be prompted for the password which you can type in and not worry about any conflicts with the OS command line.