Server User Manual
Chapter 6. Command-Line Utilities
244
Option Description
If a dash (-) is used as the password value,
the utility prompts for the password after the
command is entered. This avoids having the
password on the command line.
-x Specifies that the search results are sorted on
the server rather than on the client. This is useful
to sort according to a matching rule, as with an
international search. In general, it is faster to sort
on the server rather than on the client.
-z Specifies the maximum number of entries to
return in response to a search request. For
example:
-z 1000
Normally, regardless of the value specified here,
ldapsearch never returns more entries than
the number allowed by the server's nsslapd-
sizelimit attribute, unless the authenticated
user is the Directory Manager. However,
this limitation can be overridden by binding
as the root DN when using this command-
line argument. This is because binding as
the root DN causes this option to default to
zero (0). The default value for the nsslapd-
sizelimit attribute is 2000 entries. See
Section 2.3.1.103, “nsslapd-sizelimit (Size Limit)”
for more information.
Table 6.3. Commonly-Used ldapsearch Options
Persistent Search Options
A persistent search leaves the search operation open after the initial search results are returned.
This allows the entries returned in the search to remain in cache and updates to be transmitted and
included as they occur. Persistent searches leave the ldapsearch open until the client closes the
connection. Using persistent searches is described in the "Finding Directory Entries" appendix of the
Administrator's Guide
1
.
ldapsearch -r -C PS:changetype[:changesonly[:entrychgcontrols]] -b dc=example,dc=com
objectclass=*
In the access logs, a persistent search is identifies with the tag options=persistent.
Option Description
-C Runs the ldapsearch as a persistent search.
-r Prints all of the output from the ldapsearch
command from the buffer immediately. This
1
../../ag/persistent-search.html