HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server

111

112

113

114

115

116

117

118

119

120

3.2.2 Creating a root entry from the command line

The ldapmodify command line utility can be used to create a new root entry in a database. For

example:

ldapmodify -a -D "cn=directory manager" -w secret -p 389 -h server.example.com

The ldapmodify utility binds to the server and prepares it to add an entry. The new root object

can then be added, as follows:

dn: Suffix_Name

objectclass: newobjectclass

The DN corresponds to the DN of the root or sub-suffix contained by the database. The

newobjectclass value depends upon the type of object class you are adding to the database.

You may need to specify additional required attributes depending on the type of root object being

added.

NOTE:

You can use ldapmodify to add root objects only if you have one database per suffix. If you

create a suffix that is stored in several databases, you must use the ldif2db utility with the

-noption option to specify the database that will hold the new entries. For information, see

“Importing from the command line” (page 151).

3.2.3 Adding entries using LDIF

You can use an LDIF file to add multiple entries or to import an entire database. To add entries

using an LDIF file and the Directory Server Console:

1. Define the entries in an LDIF file.

LDIF files are described in “LDAP data Interchange Format” (page 547).

2. Import the LDIF file from the Directory Server Console.

For information about LDIF file formats, see “Importing a database from the console” (page 148).

When you import the LDIF file, select Append to database in the Import dialog box so that

the server will only import entries that do not currently exist in the directory.

You can also add entries described in an LDIF file from the command line using the ldapmodify

command with the -f option.

3.2.4 Adding and modifying entries using ldapmodify

The ldapmodify command can add and modify entries in an existing Directory Server database.

The ldapmodify command opens a connection to the specified server using the supplied

distinguished name and password and modifies the entries based on LDIF update statements

contained in a specified file. Because ldapmodify uses LDIF update statements, ldapmodify

can do everything that ldapdelete can do.

The LDAP tools are installed with Directory Server in the /opt/dirsrv/bin directory.

Consider the following when using ldapmodify:

• If the server detects an attribute or object class in the entry that is not known to the server, then

the modify operation will fail when it reaches the erroneous entry. All entries that were

processed before the error was encountered will be successfully added or modified. If you

run ldapmodify with the -c option (do not stop on errors), the operation processes all correct

entries found after the erroneous entry and adds or modifies them successfully.

• If a required attribute is not present, the modify operation fails. This happens even if the

offending object class or attribute is not being modified.

112 Creating Directory Entries