This section gives an overview on how to manipulate entries within your directory. Manipulating data with the help of graphical tools is straight forward. This section concentrates on using LDIF and command line tools.
Adding an entry
Let's start with adding a new entry to the "Seven Seas" partition (it is therefore assumed that you have already imported the sample data).
A person to add
The data is inspired by "Peter Pan" and provided by this LDIF file (captain_hook.ldif):
The entry with distinguished name "cn=James Hook,ou=people,o=sevenSeas" describes a person. In the default schema of ApacheDS (as defined in RFC 2256), object class person requires attribute values for cn (common name) and sn (surname). The other attributes are optional. The following screenshot of a schema browser illustrates this:
Using a command line tool to add the entry
It depends on your authorization configuration, which directory users are allowed to add entries (or generally to manipulate data). The administrator uid=admin,ou=system is always allowed to do anything; thus we use him for authentication.
With ldapmodify, the data above can be added to the sample partition like this:
The following table contains descriptions for the options used. See the manpage of ldapmodify for details.
Option |
Meaning |
|---|---|
-h zanzibar |
Hostname |
-p 10389 |
Port |
-D "uid=admin,ou=system" |
Distinguished name to bind (user with appropriate privileges needed) |
-w ****** |
Password of bind user |
-a |
add new entries |
-f captain_hook.ldif |
Name of LDIF file to load |
Note that the file contains only one entry, but it is possible to add several entries at once with a single ldapmodify call. An LDIF file can contain an arbitrary number of entries, seperated by an empty line. an ldapmodify call as above would try to add them one by one.
Verification
With the help of the ldapsearch command, you can verify that the entry is indeed present in the directory.
Learn more about LDAP search operations here. Another option for verification is to use a graphical tool like Softerra LDAP Browser:
Modifying an entry
Modifications with the help of LDIF
LDIF can either be used to describe complete entries, like Caption Hook in the example before, or to describe a set of changes made (or to be mode) to directory entries. In the following we use the latter variant. We present simple LDIF files with changes to an entry (Hook again, the samples assume his existence within the tree) and apply them to the directory.
Adding attribute values
Let's add a telephone number and a second description to the entry "cn=James Hook,ou=people,o=sevenSeas".
A corresponding LDIF file (captain_hook_modify_addAttrs.ldif) looks like this:
We apply these changes to the dircetory with the help of the ldapmodify command:
The arguments are the same as in the add example above, execept the missing -a switch (because we perform modifications, not additions).
After successfully applying these changes, we can verify the effect with a search operation.
to be continued