Is it possible to remove all entries from LDAP with a one-line command?
I tried:
ldapdelete -r 'cn=*,dc=domain,dc=com' -w
but it's not working. I have no better ideas;/
Deleting multiple entries using an LDIF file
You can generate a file of DNs that you would like to delete from the Directory Server. The following command searches for all entries in the ou=Accounting branch and returns the DNs of the subentries. Run the ldapdelete command with the file to delete the entries.
2.2 LDIF Format for Deleting Entries. When deleting an entry, the LDIF file entry only needs the DN of the entry to be deleted and the changetype: delete directive. Use an empty line at the end of the entry as a separator.
ldapdelete is for removing a specific DN; you can't use a wildcard.
There is no native "oneliner". You can execute an ldapsearch and provide the list of DNs resulting from this search to ldapdelete.
Something like:
ldapsearch -LLL -s one -b "dc=domain,dc=com" "(cn=*)" dn | awk -F": " '$1~/^\s*dn/{print $2}' > listOfDNtoRemove.txt && ldapdelete -r -f listOfDNtoRemove.txt
-s one : this option on the ldapsearch is to retrieve only the first-level children under the branch dc=domain,dc=com
-LLL : this option is to have LDIF format output
-r : this option is to recursively delete the first-level branches previously found and their children
awk -F": " '$1~/^\s*dn/{print $2}' : this awk is to print only the lines starting with dn: and to print the value of the dn
NOTE: ldapdelete also reads the list of DNs from the standard input, so you can pipe the ldapsearch results directly to ldapdelete if you want to avoid the temporary file.
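Added example (not from the original answer): the awk filter above loses the continuation of any DN that ldapsearch folds onto a second line and passes base64-encoded DNs ("dn::" lines) through undecoded, so this shell filter unfolds and decodes the LDIF before the list reaches ldapdelete. The function names ldif_dns and sample_ldif and the sample entries are constructed for illustration; base64 -d assumes GNU coreutils.

```shell
#!/bin/sh
# Added example, not from the original answer. ldif_dns and sample_ldif are
# hypothetical helper names; the entries below are constructed sample data.

# Read LDIF (as printed by "ldapsearch -LLL ... dn") on stdin and print one
# plain DN per line, the form that "ldapdelete -f" reads.
ldif_dns() {
    # Step 1: unfold. In LDIF a line starting with one space continues the
    # previous line, which is how ldapsearch wraps long DNs.
    awk '
        /^ / { buf = buf substr($0, 2); next }
             { if (buf != "") print buf; buf = $0 }
        END  { if (buf != "") print buf }
    ' |
    # Step 2: keep only DN lines; "dn:: " marks a base64-encoded value.
    while IFS= read -r line; do
        case $line in
            "dn:: "*) printf '%s' "${line#dn:: }" | base64 -d; echo ;;
            "dn: "*)  printf '%s\n' "${line#dn: }" ;;
        esac
    done
}

sample_ldif() {
    cat <<'EOF'
dn: ou=People,dc=domain,dc=com

dn: cn=An entry whose DN is long enough that ldapsearch folds it,ou=Staff,d
 c=domain,dc=com

dn:: Y249Wm/DqyxkYz1kb21haW4sZGM9Y29t

EOF
}

# Demo on the sample. Against a real server (assumption: bind options added
# as needed), write the list to a file and review it before deleting:
#   ldapsearch -LLL -s one -b "dc=domain,dc=com" "(cn=*)" dn | ldif_dns > listOfDNtoRemove.txt
#   ldapdelete -r -f listOfDNtoRemove.txt
sample_ldif | ldif_dns
```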