Red Hat Summit Red Hat SummitSupportConsoleDéveloppeursCommencer un essaiContact

Ce contenu n'est pas disponible dans la langue sélectionnée.

Appendix A. Using LDAP Client Tools

Red Hat Directory Server uses the LDAP tools (such as ldapsearch and ldapmodify) supplied with OpenLDAP. The OpenLDAP tool options are described in the OpenLDAP man pages at http://www.openldap.org/software/man.cgi.
This appendix gives some common usage scenarios and examples for using these LDAP tools.
More extensive examples for using ldapsearch are given in Chapter 14, Finding Directory Entries. More examples for using ldapmodify and ldapdelete are given in Chapter 3, Managing Directory Entries.

A.1. Running Extended Operations
Copier lien

Red Hat Directory Server supports a variety of extended operations, especially extended search operations. An extended operation passes an additional operation (such as a get effective rights search or server-side sort) along with the LDAP operation. Likewise, LDAP clients have the potential to support a number of extended operations.
The OpenLDAP LDAP tools support extended operations in two ways. All client tools (ldapmodify, ldapsearch, and the others) use either the -e or -E options to send an extended operation. The -e argument can be used with any OpenLDAP client tool and sends general instructions about the operation, like how to handle password policies. The -E is used only with ldapsearches and passes more useful controls like GER searches, sort and page information, and information for other, not-explicitly-support extended operations.
Additionally, OpenLDAP has another tool, ldapexop, which is used exclusively to perform extended search operations, the same as running ldapsearch -E.
The format of an extended operation with ldapsearch is generally: 
-E extended_operation_type=operation_parameters
Copy to Clipboard Toggle word wrap
When an extended operation is explicitly handled by the OpenLDAP tools, then the extended_operation_type can be an alias, like deref for a dereference search or sss for server-side sorting. A supported extended operation has formatted output. Other extended operations, like GER searches, are passed using their OID rather than an alias, and then the extended_operation_type is the OID. For those unsupported operations the tool does not recognize the response from the server, so the output is unformatted.
For example, the pg extended operation type formats the results in simple pages: 
# ldapsearch -x -D "cn=Directory Manager" -W -b "ou=Engineers,ou=People,dc=example,dc=com" -E pg=3 "(objectclass=*)" cn

dn: uid=jsmith,ou=Engineers,ou=People,dc=example,dc=com
   cn: John Smith

dn: uid=bjensen,ou=Engineers,ou=People,dc=example,dc=com
   cn: Barbara Jensen

dn: uid=hmartin,ou=Engineers,ou=People,dc=example,dc=com
   cn: Henry Martin

Results are sorted.
next page size (3): 5
Copy to Clipboard Toggle word wrap
The same operation with ldapexop can be run using only the OID of the simple paged results operation and the operation's settings (3 results per page): 
ldapexop 1.2.840.113556.1.4.319=3
Copy to Clipboard Toggle word wrap
However, ldapexop does not accept the same range of search parameters that ldapsearch does, making it less flexible.
Retour au début
Red Hat logoGithubredditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance. Découvrez nos récentes mises à jour.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez le Blog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

Theme

© 2025 Red Hat