|
Oracle® Identity Management User Reference
10g Release 2 (10.1.2) B15883-01 |
|
 Previous |
 Next |
|
Oracle® Identity Management User Reference
10g Release 2 (10.1.2) B15883-01 |
|
|
Previous |
Next |
The standard format for directory entries is as follows:
dn: distinguished_name changetype: add|delete|modify|modrdn|moddn attribute_type: attribute_value ... objectClass: object_class_value ...
The dn Directive
The dn directive defines the distinguished name (DN) of an entry. It is assumed that all lines below a dn directive belong to that entry until you add a space in the LDIF file to denote a separate entry. The following example shows a dn directive line:
dn: cn=Mary Jones,ou=Sales,dc=company,dc=com
The changetype Directive
The changetype directive defines the operation you want to perform on the entry. The operations that you specify with the changetype directive are:
add - See "LDIF Format for Adding Entries" for syntax and examples.
delete - See "LDIF Format for Deleting Entries" for syntax and examples.
modify - "LDIF Format for Modifying Entries" for syntax and examples.
modrdn - See "LDIF Format for Modifying the RDN of an Entry" for syntax and examples.
moddn - See "LDIF Format for Modifying the DN of an Entry" for syntax and examples.
If changetype directive is omitted, then an add operation is assumed if using bulkload, ldapadd or ldapaddmt. A delete operation is assumed if using bulkdelete or ldapdelete. All other operations must specify a changetype: directive.
The attribute_type Directive
The attribute_type directive is used to specify an attribute type name and value pair. The entry will have an attribute_type directive for each attribute in the entry. For example, here is an attribute_type directive for the attribute type named cn where the value is Mary Smith.
cn: Mary Smith
The objectClass Directive
The objectClass directive is used to specify the object class that is associated with the entry. If an entry uses multiple object classes, then it will have an objectClass directive for each object class used. For example, here are the object classes used to define a user entry.
objectClass: orclUserV2 objectClass: organizationalPerson objectClass: person objectClass: top
Note that if an object class has required attributes, you must supply a value for those attributes using attribute_type directives.
The following example shows a file entry for an employee. The first line contains the DN. The second line contains the changetype: add directive. The lines that follow begin with the name for an attribute type, followed by the value to be associated with that attribute. Note that the photo attribute value begins with a forward slash (\) to denote that it is a binary file reference. Each entry ends with lines defining the object classes for the entry. Use an empty line at the end of the entry as a separator.
dn: cn=Suzie Smith,ou=Server Technology,o=Acme, c=US
changetype: add
cn: Suzie Smith
cn: SuzieS
sn: Smith
mail: ssmith@us.Acme.com
telephoneNumber: 69332
photo: \$ORACLE_HOME/empdir/photog/ssmith.jpg
objectClass: organizationalPerson
objectClass: person
objectClass: top
When deleting an entry, the LDIF file entry only needs the DN of the entry to be deleted and the changetype: delete directive. Use an empty line at the end of the entry as a separator.
dn: cn=Suzie Smith,ou=Server Technology,o=Acme, c=US changetype: delete
When modifying an entry, you must supply the DN of the entry followed by the changetype: modify directive. Next you must specify the attributes you want to modify using one of the following directives:
add: attribute_type - Specifies the name of an attribute type for which you want to add a value. The next line should then contain the attribute_type: value directive for the value you want to add. For example:
add: work-phone work-phone: 510/506-7000
delete: attribute_type - Specifies the name of an attribute type for which you want to delete the value. If the attribute is multi-valued, then you should also supply the attribute_type: value directive for the specific value you want to delete, otherwise all values for the attribute will be deleted. For example:
delete: home-fax
replace: attribute_type - Specifies the name of an attribute type for which you want to replace the existing value with a new value. The next line should then contain the attribute_type: value directive for the value you want to replace. For example:
replace: home-phone home-phone: 415/697-8899
If the attribute is multi-valued then all the current values are replaced with one or more attributes following this directive. If only a single value of a multi-valued attribute needs to be replaced use delete then add.
If you are making several modifications to an entry, then, between each modification you enter, add a line that contains a hyphen (-) only. For example:
dn: cn=Barbara Fritchy,ou=Sales,o=Oracle,c=US changetype: modify add: work-phone work-phone: 650/506-7000 work-phone: 650/506-7001 - delete: home-fax - replace: home-phone home-phone: 415/697-8899
To modify the relative distinguished name (RDN) for an entry, you must supply the DN of the entry followed by the changetype: modrdn directive. Next you must specify the new RDN with a newrdn: directive, and you can optionally delete or keep the old entry by supplying a deleteoldrdn: directive. For example:
dn: cn=Sally Smith,ou=people,dc=example,dc=com changetype: modrdn newrdn: Sally Smith-Jones # deletes old RDN entry deleteoldrdn: 1
To modify the DN for an entry (move the entry to a new node in the DIT), you must supply the DN of the entry followed by the changetype: moddn directive. Next you must specify the new parent DN with a newsuperior: directive, and you can optionally delete or keep the old entry by supplying a deleteoldrdn: directive. For example:
dn: cn=Sally Smith,ou=people,dc=example,dc=com changetype: moddn newsuperior: ou=expeople,dc=example,dc=com # keeps old RDN entry deleteoldrdn: 0
