Skip Headers
Oracle® Fusion Middleware Man Page Reference for Oracle Directory Server Enterprise Edition
11g Release 1 (

Part Number E28967-01
Go to Documentation Home
Go to Table of Contents
Go to Index
Go to Feedback page
Contact Us

Go to previous page
Go to next page
PDF · Mobi · ePub


recursively delete a subtree of LDAP entries


-b baseDN [options]


The ldapsubtdel command attempts recursively to delete a subtree of LDAP entries under the entry having the distinguished name (DN) specified as a parameter to the -b option. You must bind as a user having access to delete the entries specified.


The ldapsubtdel command supports the following options:

-b DN

Delete entries under the entry with the specified DN.

Default is to delete entries under the specified entry, but not to delete the specified entry itself. Use the -r option to delete the specified entry as well.

-D bindDN

Use the specified bind DN to authenticate to the directory.

If the bind DN is not specified, the ldapsubtdel command attempts anonymous authentication.


Display a usage message.

-h hostname

Connect to the directory on the specified host.

Default is to connect to the local host on the loopback address,

-j filename

Use the bind password in the specified file to authenticate to the directory.


Manage referrals, deleting the entries containing referrals instead of the entries obtained by following referrals.

Default is to follow referrals and delete the entries to which the entries in the subtree refer.


Display what would be done, but do not carry out any deletions.

Default is to carry out the deletions.

-p port

Connect to the directory on the specified port.

Default is to connect to the default simple authentication port for LDAP, 389.


Also delete the entry having the DN specified as the parameter to the -b option.

Default is not to delete the entry specified.

-V LDAPVersion

Use the specified LDAP version, either 2 or 3.

Default is to use version 3.


Display verbose output, including information about each deletion performed.

-w password

Use the specified bind password to authenticate to the directory.

-w -

Prompt for the bind password so it does not appear on the command line.


The example in this section uses the following conventions:

Example 1   ldapsubtdel: Deleting an Entire Subtree

The following command demonstrates deletion of an entire test subtree of LDAP entries:

$ ldapsubtdel -h host -D uid=hmiller,ou=people,dc=example,dc=com -w - \
-b ou=test,dc=example,dc=com -r -v
Enter bind password:
Processing subtree ou=test,dc=example,dc=com
Deleting entry uid=test0,ou=test,dc=example,dc=com
Deleting entry uid=test99,ou=test,dc=example,dc=com

Deleting entry ou=test,dc=example,dc=com

Successfully deleted subtree ou=test,dc=example,dc=com

If you read Example.ldif, you see that hmiller's password is hillock.

Exit Status

The ldapsubtdel command exits with status 0 if it completes successfully. Otherwise it exits with non-zero status.


See attributes(5) for descriptions of the following attributes:



Zip distribution only

Stability Level