| Oracle® Fusion Middleware Man Page Reference for Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1.7.0) Part Number E28967-01 |
|
|
PDF · Mobi · ePub |
| Oracle® Fusion Middleware Man Page Reference for Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1.7.0) Part Number E28967-01 |
|
|
PDF · Mobi · ePub |
add, modify, rename, move, or delete directory entries
Synopsis
install-path/dsrk/bin/dsmlmodify -h hostURL [options] -f filename
Description
The dsmlmodify command requests the addition, modification, rename, move, or deletion of entries stored in a directory accessible through Directory Services Markup Language (DSML) v2.
You must specify additions and modifications in the proper order, because the directory performs the updates in the order you request them. For example, to add entries to a subtree that does not yet exist, you must first update the base entry at the root of the subtree before adding entries under the base entry.
Options
The dsmlmodify command supports the following options:
-D user-identifierUse the specified user identifier to authenticate.
The user identifier is the HTTP-layer identifier. The HTTP-layer identifier is typically mapped to an account in the directory. For example, if the uid value is used for HTTP-layer authentication, which maps in the directory to bind DN dn:uid=user-identifier,ou=people,dc=example,dc=com, then the dsmlmodify -D bjensen command would end up using permissions for directory operations based on the permissions for the account with entry DN uid=bjensen,ou=people,dc=example,dc=com. The user-identifier thus depends closely on the identity mapping between the HTTP layer and the LDAP layer.
If the user identifier and its password are omitted, the dsmlmodify command binds anonymously. The user identifier determines what entries and attributes the user can modify, according to the permissions for the user.
-f filenameRead the modifications from a file using DSML syntax.
The following content for example allows modification of Barbara Jensen's password:
<modifyRequest dn="uid=bjensen,ou=people,dc=example,dc=com"> <modification name="userpassword" operation="replace"> <value>newpassword</value> </modification> </modifyRequest>
-h hostURLUse the specified URL to access the directory.
The host URL takes the form http://host:port where host represents the host on which the directory runs, and port is the port on which the directory listens for DSML requests.
-j filenameRead the bind password for simple HTTP authentication from the specified file.
-w –Prompt for the bind password for simple HTTP authentication.
-w passwordUse the specified bind password for simple HTTP authentication.
Examples
Examples in this section use the following conventions:
The dsmlmodify command is found in a directory present in the PATH used for the examples.
The directory server is located on a system named host.
The directory server listens for DSML requests over HTTP on port 8080.
dsmlmodify: Adding an EntryThe following commands demonstrate adding an entry:
$ cat add.dsml <addRequest dn="uid=ajohnson,ou=people,dc=example,dc=com"> <attr name="objectclass"><value>top</value></attr> <attr name="objectclass"><value>person</value></attr> <attr name="objectclass"><value>organizationalPerson</value></attr> <attr name="objectclass"><value>inetOrgPerson</value></attr> <attr name="uid"><value>ajohnson</value></attr> <attr name="sn"><value>Johnson</value></attr> <attr name="cn"><value>Alice</value></attr> <attr name="mail"><value>alice.johnson@example.com</value></attr> <attr name="userPassword"><value>weakness</value></attr> </addRequest> $ dsmlmodify -h http://host:8080 -D hmiller -w - -f add.dsml Enter bind password: …
If you read Example.ldif, you see that hmiller's password is hillock.
dsmlmodify: Modifying an EntryThe following commands demonstrate modifying an entry:
$ cat mod.dsml <modifyRequest dn="uid=bjensen,ou=people,dc=example,dc=com"> <modification name="userpassword" operation="replace"> <value>newpassword</value> </modification> </modifyRequest> $ dsmlmodify -h http://host:8080 -D bjensen -w - -f mod.dsml Enter bind password: …
If you read Example.ldif, you see that the bjensen's password is hifalutin.
dsmlmodify: Deleting an EntryThe following commands demonstrate deleting an entry:
$ cat del.dsml <delRequest dn="uid=ajohnson,ou=people,dc=example,dc=com" /> $ dsmlmodify -h http://host:8080 -D hmiller -w - -f del.dsml Enter bind password: …
If you read Example.ldif, you see that hmiller's password is hillock.
dsmlmodify: Renaming an EntryThe following commands demonstrate renaming an entry:
$ cat rdn.dsml <modDNRequest dn="uid=ajohnson,ou=people,dc=example,dc=com" newrdn="uid=aweiss" deleteoldrdn="true" newSuperior="ou=people,dc=example,dc=com"/> $ dsmlmodify -h http://host:8080 -D hmiller -w - -f rdn.dsml Enter bind password: …
If you read Example.ldif, you see that hmiller's password is hillock.
Exit Status
Exit status values are returned as part of the response, including both the code and the description as described in the DSML v2 standard. Common exit status codes follow:
Successful completion; success.
Server encountered errors while processing the request; operationsError.
Server encountered errors while processing the request; protocolError.
Base DN belongs to an entry handled by neither server, and the referral URL identifies another server that handles the entry; referral.
Attribute to be modified does not exist; noSuchAttribute.
Attribute modification requested is not a proper modification. For example, a requested change to userpassword would result in a user password shorter than the minimum length allowed; constraintViolation.
Attribute to add already exists with specified value; attributeOrValueExists.
In response to a request to modify directory schema, the requested modification includes no object class or attribute type specification; invalidAttributeSyntax.
Base DN belongs to an entry handled by neither server, and no referral URL is available for the entry; noSuchObject.
Bind DN user does not have permission to read the entry from the directory; insufficientAccessRights.
Directory is read-only; unwillingToPerform.
Requested modification would cause the entry not to comply with the schema; objectClassViolation.
Requested modification would cause the entry to be missing attributes that are components of the entry DN; notAllowedOnRDN.
An entry already exists with the same DN as the entry to add; entryAlreadyExists.
Attributes
See attributes(5) for descriptions of the following attributes:
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|---|---|
|
Availability |
Zip distribution only |
|
Stability Level |
Evolving |
See Also
|
 Copyright © 2001, 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|