1254721Semaste.lf 1 stdin 2254721Semaste.TH LDAPMODRDN 1 "2020/04/28" "OpenLDAP 2.4.50" 3254721Semaste.\" $OpenLDAP$ 4254721Semaste.\" Copyright 1998-2020 The OpenLDAP Foundation All Rights Reserved. 5254721Semaste.\" Copying restrictions apply. See COPYRIGHT/LICENSE. 6254721Semaste.SH NAME 7254721Semasteldapmodrdn \- LDAP rename entry tool 8254721Semaste.SH SYNOPSIS 9254721Semaste.B ldapmodrdn 10254721Semaste[\c 11254721Semaste.BR \-V [ V ]] 12254721Semaste[\c 13254721Semaste.BI \-d \ debuglevel\fR] 14254721Semaste[\c 15254721Semaste.BR \-n ] 16254721Semaste[\c 17254721Semaste.BR \-v ] 18254721Semaste[\c 19254721Semaste.BR \-r ] 20254721Semaste[\c 21254721Semaste.BI \-s \ newsup\fR] 22254721Semaste[\c 23254721Semaste.BR \-c ] 24254721Semaste[\c 25254721Semaste.BI \-f \ file\fR] 26254721Semaste[\c 27254721Semaste.BR \-M [ M ]] 28254721Semaste[\c 29254721Semaste.BR \-x ] 30254721Semaste[\c 31254721Semaste.BI \-D \ binddn\fR] 32254721Semaste[\c 33254721Semaste.BR \-W ] 34254721Semaste[\c 35254721Semaste.BI \-w \ passwd\fR] 36254721Semaste[\c 37254721Semaste.BI \-y \ passwdfile\fR] 38254721Semaste[\c 39254721Semaste.BI \-H \ ldapuri\fR] 40254721Semaste[\c 41254721Semaste.BI \-h \ ldaphost\fR] 42254721Semaste[\c 43254721Semaste.BI \-p \ ldapport\fR] 44254721Semaste[\c 45254721Semaste.BR \-P \ { 2 \||\| 3 }] 46254721Semaste[\c 47254721Semaste.BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] 48254721Semaste[\c 49254721Semaste.BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]] 50254721Semaste[\c 51254721Semaste.BI \-o \ opt \fR[= optparam \fR]] 52254721Semaste[\c 53254721Semaste.BI \-O \ security-properties\fR] 54254721Semaste[\c 55254721Semaste.BR \-I ] 56254721Semaste[\c 57254721Semaste.BR \-Q ] 58254721Semaste[\c 59254721Semaste.BR \-N ] 60254721Semaste[\c 61254721Semaste.BI \-U \ authcid\fR] 62254721Semaste[\c 63254721Semaste.BI \-R \ realm\fR] 64254721Semaste[\c 65254721Semaste.BI \-X \ authzid\fR] 66254721Semaste[\c 67254721Semaste.BI \-Y \ mech\fR] 68254721Semaste[\c 69254721Semaste.BR \-Z [ Z ]] 70254721Semaste[\c 71254721Semaste.I dn rdn\fR] 72254721Semaste.SH DESCRIPTION 73.B ldapmodrdn 74is a shell-accessible interface to the 75.BR ldap_rename (3) 76library call. 77.LP 78.B ldapmodrdn 79opens a connection to an LDAP server, binds, and modifies the RDN of entries. 80The entry information is read from standard input, from \fIfile\fP through 81the use of the 82.RI \- f 83option, or from the command-line pair \fIdn\fP and 84\fIrdn\fP. 85.SH OPTIONS 86.TP 87.BR \-V [ V ] 88Print version info. 89If \fB\-VV\fP is given, only the version information is printed. 90.TP 91.BI \-d \ debuglevel 92Set the LDAP debugging level to \fIdebuglevel\fP. 93.B ldapmodrdn 94must be compiled with LDAP_DEBUG defined for this option to have any effect. 95.TP 96.B \-n 97Show what would be done, but don't actually change entries. Useful for 98debugging in conjunction with \fB\-v\fP. 99.TP 100.B \-v 101Use verbose mode, with many diagnostics written to standard output. 102.TP 103.B \-r 104Remove old RDN values from the entry. Default is to keep old values. 105.TP 106.BI \-s \ newsup 107Specify a new superior entry. (I.e., move the target entry and make it a 108child of the new superior.) This option is not supported in LDAPv2. 109.TP 110.B \-c 111Continuous operation mode. Errors are reported, but ldapmodrdn 112will continue with modifications. The default is to exit after 113reporting an error. 114.TP 115.BI \-f \ file 116Read the entry modification information from \fIfile\fP instead of from 117standard input or the command-line. 118.TP 119.BR \-M [ M ] 120Enable manage DSA IT control. 121.B \-MM 122makes control critical. 123.TP 124.B \-x 125Use simple authentication instead of SASL. 126.TP 127.BI \-D \ binddn 128Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory. 129For SASL binds, the server is expected to ignore this value. 130.TP 131.B \-W 132Prompt for simple authentication. 133This is used instead of specifying the password on the command line. 134.TP 135.BI \-w \ passwd 136Use \fIpasswd\fP as the password for simple authentication. 137.TP 138.BI \-y \ passwdfile 139Use complete contents of \fIpasswdfile\fP as the password for 140simple authentication. 141.TP 142.BI \-H \ ldapuri 143Specify URI(s) referring to the ldap server(s); only the protocol/host/port 144fields are allowed; a list of URI, separated by whitespace or commas 145is expected. 146.TP 147.BI \-h \ ldaphost 148Specify an alternate host on which the ldap server is running. 149Deprecated in favor of \fB\-H\fP. 150.TP 151.BI \-p \ ldapport 152Specify an alternate TCP port where the ldap server is listening. 153Deprecated in favor of \fB\-H\fP. 154.TP 155.BR \-P \ { 2 \||\| 3 } 156Specify the LDAP protocol version to use. 157.TP 158.BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ] 159.TP 160.BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ] 161 162Specify general extensions with \fB\-e\fP and modrdn extensions with \fB\-E\fP. 163\'\fB!\fP\' indicates criticality. 164 165General extensions: 166.nf 167 [!]assert=<filter> (an RFC 4515 Filter) 168 !authzid=<authzid> ("dn:<dn>" or "u:<user>") 169 [!]bauthzid (RFC 3829 authzid control) 170 [!]chaining[=<resolve>[/<cont>]] 171 [!]manageDSAit 172 [!]noop 173 ppolicy 174 [!]postread[=<attrs>] (a comma-separated attribute list) 175 [!]preread[=<attrs>] (a comma-separated attribute list) 176 [!]relax 177 sessiontracking 178 abandon,cancel,ignore (SIGINT sends abandon/cancel, 179 or ignores response; if critical, doesn't wait for SIGINT. 180 not really controls) 181.fi 182 183Modrdn extensions: 184.nf 185 (none) 186.fi 187.TP 188.BI \-o \ opt \fR[= optparam \fR] 189 190Specify general options. 191 192General options: 193.nf 194 nettimeout=<timeout> (in seconds, or "none" or "max") 195 ldif-wrap=<width> (in columns, or "no" for no wrapping) 196.fi 197.TP 198.BI \-O \ security-properties 199Specify SASL security properties. 200.TP 201.B \-I 202Enable SASL Interactive mode. Always prompt. Default is to prompt 203only as needed. 204.TP 205.B \-Q 206Enable SASL Quiet mode. Never prompt. 207.TP 208.B \-N 209Do not use reverse DNS to canonicalize SASL host name. 210.TP 211.BI \-U \ authcid 212Specify the authentication ID for SASL bind. The form of the ID 213depends on the actual SASL mechanism used. 214.TP 215.BI \-R \ realm 216Specify the realm of authentication ID for SASL bind. The form of the realm 217depends on the actual SASL mechanism used. 218.TP 219.BI \-X \ authzid 220Specify the requested authorization ID for SASL bind. 221.I authzid 222must be one of the following formats: 223.BI dn: "<distinguished name>" 224or 225.BI u: <username> 226.TP 227.BI \-Y \ mech 228Specify the SASL mechanism to be used for authentication. If it's not 229specified, the program will choose the best mechanism the server knows. 230.TP 231.BR \-Z [ Z ] 232Issue StartTLS (Transport Layer Security) extended operation. If you use 233\fB\-ZZ\fP, the command will require the operation to be successful. 234.SH INPUT FORMAT 235If the command-line arguments \fIdn\fP and \fIrdn\fP are given, \fIrdn\fP 236will replace the RDN of the entry specified by the DN, \fIdn\fP. 237.LP 238Otherwise, the contents of \fIfile\fP (or standard input if 239no \fB\-f\fP flag is given) should consist of one or more entries. 240.LP 241.nf 242 Distinguished Name (DN) 243 Relative Distinguished Name (RDN) 244.fi 245.LP 246One or more blank lines may be used to separate each DN/RDN pair. 247.SH EXAMPLE 248Assuming that the file 249.B /tmp/entrymods 250exists and has the contents: 251.LP 252.nf 253 cn=Modify Me,dc=example,dc=com 254 cn=The New Me 255.fi 256.LP 257the command: 258.LP 259.nf 260 ldapmodrdn \-r \-f /tmp/entrymods 261.fi 262.LP 263will change the RDN of the "Modify Me" entry from "Modify Me" to 264"The New Me" and the old cn, "Modify Me" will be removed. 265.LP 266.SH DIAGNOSTICS 267Exit status is 0 if no errors occur. Errors result in a non-zero exit 268status and a diagnostic message being written to standard error. 269.SH "SEE ALSO" 270.BR ldapadd (1), 271.BR ldapdelete (1), 272.BR ldapmodify (1), 273.BR ldapsearch (1), 274.BR ldap.conf (5), 275.BR ldap (3), 276.BR ldap_rename (3) 277.SH AUTHOR 278The OpenLDAP Project <http://www.openldap.org/> 279.SH ACKNOWLEDGEMENTS 280.lf 1 ./../Project 281.\" Shared Project Acknowledgement Text 282.B "OpenLDAP Software" 283is developed and maintained by The OpenLDAP Project <http://www.openldap.org/>. 284.B "OpenLDAP Software" 285is derived from the University of Michigan LDAP 3.3 Release. 286.lf 280 stdin 287