Appendix B. Testing Scripts Available with Directory Server
ldclt
and rsearch
are located in the /usr/bin
directory.
B.1. ldclt (Load Stress Tests)
ldclt
) establishes multiple client connections to a server, under user-defined scenarios, to load-test the Directory Server. Client operations include directory adds, searches, modifies, modRDNs, and deletes, as well setup operations like generating LDIF files. Operations can be randomized — binding and unbinding as random users, performing random tasks — to simulate more realistic usage environments for the directory.
ldclt
tool measures the completion time of continuously-repeated operations to measure Directory Server performance. Using multiple threads makes it possible to test performance under high loads. Each test performs the same type of LDAP operation, but with different settings (like different user credentials, different attribute types or sizes, and different target subtrees).
ldclt
tool is specifically intended to be used for automated tests, so its options are extensive, flexible, and easily scripted, even for complex test operations.
Note
ldclt
is a load test, and therefore uses a significant amount of system resources. The tool uses a minimum of 8 MB of memory. Depending on the numbers of threads, types of operations, and other configuration settings, it can use much more memory.
ldclt
may set its own resource limits. For information on managing system resource limits, see the man pages for ulimit
and getrlimit
.
ldclt
utility is located in the /usr/bin
directory.
B.1.1. Syntax
ldlt
[
-q
|
-Q
|
-v
|
-V
] [
-E max_errors
] [
-b base_DN
] [
-h host
] [
-p port
] [
-t timeout
] [
-D bind_DN
] [
-w password
] [
-o SASL_options
] [
-e execution_params
] [
-a max_pending
] [
-n number_of_threads
] [
-i inactivity_times
] [
-N number_of_samples
] [
-I error_code
] [
-T total_number_of_operations
] [
-r low_range
] [
-R high_range
] [
-f filter
] [
-s scope
] [
-S consumer
] [
-P supplier_port
] [
-W wait_time
] [
-Z certificate_file
]
B.1.2. ldclt Options
Table B.1. ldclt Options
Option | Description |
---|---|
-a max_pending_ops | Runs the tool in asynchronous mode with a defined maximum number of pending operations. |
-b base_dn | Gives the base DN to use for running the LDAP operation tests. If not given, the default value is dc=example,dc=com . |
-D bind_dn | Gives the bind DN for the ldclt utility to use to connect to the server. |
-E max_errors | Sets the maximum number of errors that are allowed to occur in test LDAP operations before the tool exits. The default is 1000. |
-e execution_params | Specifies the type of operation and other test environment parameters to use for the tests. The possible values for -e are listed in Table B.2, “Execution Parameters”. This option can accept multiple values, in a comma-separated list. |
-f filter | Gives an LDAP search filter to use for search testing. |
-h | Specifies the host name or IP address of the Directory Server to run tests against. If a host is not specified, ldclt uses the local host. |
-I error_code | Tells ldclt to ignore any errors encountered that match a certain response code. For example, -I 89 tells the server to ignore error code 89. |
-i inactivity_times | Sets a number of intervals that the tool can be inactive before exiting. By default, this setting is 3, which translates into 30 seconds (each operations interval being 10 seconds long). |
-N number_of_samples | Sets the number of iterations to run, meaning how many ten-second test periods to run. By default, this is infinite and the tool only exits when it is manually stopped. |
-n number_of_threads | Sets the number of threads to run simultaneously for operations. The default value is 10. |
-o SASL_option | Tells the tool to connect to the server using SASL and gives the SASL mechanism to use. The format is -o saslOption=value. saslOption can have one of six values:
-o can be used multiple times to pass all of the required SASL information for the mechanism. For example:
-o "mech=DIGEST-MD5" -o "authzid=test_user" -o "authid=test_user" |
-P master_port | Gives the port to use to connect to a supplier server for replication testing. The default, if one is not given, is 16000. |
-p port | Gives the server port number of the Directory Server instance that is being tested. |
-Q | Runs the tool in "super" quiet mode. This ignores any errors that are encountered in operations run by ldclt . |
-q | Runs the tool in quiet mode. |
-R number | Sets the high number for a range. |
-r number | Sets the low number of a range. |
-S consumer_name | Gives the host name of a consumer server to connect to run replication tests. |
-s scope | Gives the search scope. As with ldapsearch , the values can be subtree, one, or base. |
-T ops_per_thread | Sets a maximum number of operations allowed per thread. |
-t timeout | Sets a timeout period for LDAP operations. The default is 30 seconds. |
-V | Runs the tool in very verbose mode. |
-v | Runs the tool in verbose mode. |
-W wait_time | Sets a time, in seconds, for the ldclt tool to wait after one operation finishes to start the next operation. The default is 0, which means there is no wait time. |
-w password | Gives the password to use, with the -D identity, to bind to the Directory Server for testing. |
-Z /path/to/cert.db | Enables TLS for the test connections and points to the file to use as the certificate database. |
-e
option sets execution parameters for the ldclt
test operations. Multiple parameters can be configured, in a comma-separated list. For example:
-e add,bindeach,genldif=/var/lib/dirsrv/slapd-instance/ldif/generated.ldif,inetOrgPerson
Table B.2. Execution Parameters
Parameter | Description |
---|---|
abandon | Initiates abandon operatons for asynchronous search requests. |
add | Adds entries to the directory (ldapadd ). |
append | Appends entries to the end of the LDIF file generated with the genldif option. |
ascii | Generates ASCII 7-bit strings. |
attreplace=name:mask | Run modify operations that replace an attribute (name) in an existing entry. |
attrlist=name:name:name | Specifies a list of attributes to return in a search operation. |
attrsonly=# | Used with search operations, to set whether to read the attribute values. The possible values are 0 (read values) or 1 (do not read values). |
bindeach | Tells the ldclt tool to bind with each operation it attempts. |
bindonly | Tells the ldclt tool to only run bind/unbind operations. No other operation is performed. |
close | Tells the tool to close the connection rather than perform an unbind operation. |
cltcertname=name | Gives the name of the TLS client certificate to use for TLS connections. |
commoncounter | Makes all threads opened by the ldclt tool to share the same counter. |
counteach | Tells the tool to count each operation, not only successful ones. |
delete | Initiates delete operations. |
deref | Adds the dereference control to search operations (esearch ). With adds, this tells ldclt to add the secretary attribute to new entries, to allow dereference searches. |
dontsleeponserverdown | Causes the tool to loop very fast if server down. |
emailPerson | This adds the emailPerson object class to generated entries. This is only valid with the add operation (-e add ). |
esearch | Performs an exact search. |
genldif=filename | Generates an LDIF file to use with the operations. |
imagesdir=path | Gives a location for images to use with tests. |
incr | Enables incremental values. |
inetOrgPerson | This adds the inetOrgPerson object class to generated entries. This is only valid with the add operation (-e add ). |
keydbfile=file | Contains the path and file name of the key database to use with TLS connections. |
keydbpin=password | Contains the token password to access the key database. |
noglobalstats | Tells the tool not to print periodical global statistics. |
noloop | Does not loop the incremental numbers. |
object=filename | Builds entry objects from an input file. |
person | This adds the person object class to generated entries. This is only valid with the add operation (-e add ). |
random | Tells the ldclt utility to use all random elements, such as random filters and random base DNS. |
randomattrlist=name:name:name | Tells the ldclt utility to select random attributes from the given list. |
randombase | Tells the ldclt utility to select a random base DN from the directory. |
randombaselow=value | Sets the low value for the random generator. |
randombasehigh=value | Sets the high value for the random generator. |
randombinddn | Tells the ldclt utility to use a random bind DN. |
randombinddnfromfile=file | Tells the ldclt utility to use a random bind DN, selected from a file. Each entry in the file must have the appropriate DN–password pair. |
randombinddnlow=value | Sets the low value for the random generator. |
randombinddnhigh=value | Sets the high value for the random generator. |
rdn=attrname:value | Gives an RDN to use as the search filter. This is used instead of the -f filter. |
referral=value | Sets the referral behavior for operations. There are three options: on (allow referrals), off (disallow referrals), or rebind (attempt to connect again). |
smoothshutdown | Tells the ldclt utility not to shut down its main thread until the worker threads exit. |
string | Tells the ldclt utility to create random strings rather than random numbers. |
v2 | Tells the ldclt utility to use LDAPv2 for test operations. |
withnewparent | Performs a modRDN operation, renaming an entry with newparent set as an argument. |
randomauthid | Uses a random SASL authentication ID. |
randomauthidlow=value | Sets the low value for a random SASL authentication ID. |
randomauthidhigh=value | Sets the high value for the random SASL authentication ID. |
B.1.3. Results from ldclt
ldclt
continuously runs whatever operation is specified, over the specified number of threads. By default, it prints the performance statistics to the screen every ten (10) seconds.
ldclt[process_id] Average rate: number_of_ops/thr (number_of_ops/sec), total: total_number_of_ops
ldclt[22774]: Average rate: 10298.20/thr (15447.30/sec), total: 154473
ldclt
prints cumulative averages and totals every 15 minutes and when the tool is exited.
ldclt[22774]: Global average rate: 821203.00/thr (16424.06/sec), total: 12318045 ldclt[22774]: Global number times "no activity" reports: never ldclt[22774]: Global no error occurs during this session. Catch SIGINT - exit... ldclt[22774]: Ending at Wed Feb 24 18:39:38 2010 ldclt[22774]: Exit status 0 - No problem during execution.
-v
or -V
output additional data to the screen. The kind of information depends on the type of operation, but it generally shows the thread performing the operation and the plug-ins called by the operation. For example:
ldclt -b ou=people,dc=example,dc=com -D "cn=Directory Manager" -w secret12 -e add,person,incr,noloop,commoncounter -r90000 -R99999 -f "cn=testXXXXX" -V ... ldclt[11176]: T002: After ldap_simple_bind_s (cn=Directory Manager, secret12) ldclt[11176]: T002: incremental mode:filter="cn=test00009" ldclt[11176]: T002: tttctx->bufFilter="cn=test00009" ldclt[11176]: T002: attrs[0]=("objectclass" , "person") ldclt[11176]: T002: attrs[1]=("cn" , "test00009") ldclt[11176]: T002: attrs[2]=("sn" , "toto sn") ... ldclt[11176]: Average rate: 195.00/thr ( 195.00/sec), total: 1950 ldclt[10627]: Global average rate: 238.80/thr (238.80/sec), total: 2388 ldclt[10627]: Global number times "no activity" reports: never ldclt[10627]: Global no error occurs during this session. Catch SIGINT - exit... ldclt[10627]: Ending at Tue Feb 23 11:46:04 2010 ldclt[10627]: Exit status 0 - No problem during execution.
ldclt
without interrupting the test. Any fatal errors that are encountered are listed with the tool's exit status and returned in the cumulative total.
Global no error occurs during this session.
ldclt
utility does count the number of times each LDAP error is encountered; if the total number of errors that are logged hits more than 1000 (by default), then the script itself will error out.
ldclt
responds to LDAP errors can be configured. Using the -E
option sets a different threshold for the script to error out after encountering LDAP errors. Using the -I
option tells the script to ignore the specified LDAP error codes in all threads. Changing the error exit limit and ignoring certain error codes can allow you to tweak and improve test scripts or test configuration.
B.1.4. Exiting ldclt and ldclt Exit Codes
ldclt
command runs indefinitely. The script can stop itself in a handful of situations, like encountering a fatal runtime or initialization error, hitting the limit of LDAP errors, having all threads die, or hitting the operation or time limit.
ldclt
script.
- Hitting control—backslash (^\) or
kill -3
prints the current statistics without exiting the script. - Hitting control—C (^C) or
kill -2
exits the script and prints the global statistics.
ldclt
script exits or is interrupted, it returns an exit code along with the statistics and error information.
Table B.3. ldclt Exit Codes
Exit Code | Description |
---|---|
0 | Success (no errors). |
1 | An operation encountered a serious fatal error. |
2 | There was an error in the parameters passed with the tool. |
3 | The tool hit the maximum number of LDAP errors. |
4 | The tool could not bind to the Directory Server instance. |
5 | The tool could not load the TLS libraries to connect over TLS. |
6 | There was a multithreading (mutex) error. |
7 | There was an initialization problem. |
8 | The tool hit a resource limit, such as a memory allocation error. |
99 | The script encountered an unknown error. |
B.1.5. Usage Scenarios
ldclt
to test Directory Server. Test scripts with more complex examples are available in the ldclt
source files. This can be downloaded from the 389 Directory Server Project, https://git.fedorahosted.org/cgit/389/ds.git/tree/ldap/servers/slapd/tools/ldclt/examples.
ldclt
command requires a set of execution parameters (which varies depending on the type of test) and connection parameters (which are the same for every type of operation). For example:
# ldclt -e execution_parameters -h localhost -p 389 -D "cn=Directory Manager" -w secret -b "ou=people,dc=example,dc=com"
ldclt
runs, it first prints all of the configured parameters for that test.
Process ID = 1464 Host to connect = localhost Port number = 389 Bind DN = cn=Directory Manager Passwd = secret Referral = on Base DN = ou=people,dc=example,dc=com Filter = "cn=MrXXX" Max times inactive = 3 Max allowed errors = 1000 Number of samples = -1 Number of threads = 10 Total op. req. = -1 Running mode = 0xa0000009 Running mode = quiet verbose random exact_search LDAP oper. timeout = 30 sec Sampling interval = 10 sec Scope = subtree Attrsonly = 0 Values range = [0 , 1000000] Filter's head = "cn=Mr" Filter's tail = ""
B.1.5.1. Generating LDIFs
ldclt
tool itself can be used to generate LDIF files that can be used for testing.
Note
ldclt
tool does not attempt to connect to a server or run any operations.
-e object
), and then a specified output file (-e genldif
).
/usr/share/dirsrv/data
directory contains three data files to generate surnames, first names, and organizational units. These lists of values can be used to create test users and directory trees (dbgen-FamilyNames
, dbgen-GivenNames
, and dbgen-OrgUnits
, respectively). These files can be used with the rndfromfile
, incrfromfile
, or incrfromfilenoloop
options.
# comment attribute: string | variable=keyword(value)
-e object
option and other available parameters (like rdn
).
-e object=inet.txt,rdn='uid:[A=INCRNNOLOOP(0;99999;5)]'
Table B.4. ldclt Template LDIF File Keywords
Keyword | Description | Format |
---|---|---|
RNDN | Generates a random value within the specified range (low - high) and of the given length. | RNDN(low;high;length) |
RNDFROMFILE | Pulls a random value from any of the ones available in the specified file. | RNDFROMFILE(filename) |
INCRN | Creates sequential values within the specified range (low - high) and of the given length. | INCRN(low;high;length) |
INCRNOLOOP | Creates sequential values within the specified range (low - high) and of the given length — without looping through the incremental range. | INCRNOLOOP(low;high;length) |
INCRFROMFILE | Creates values by incrementing through the values in the specified file. | INCRFROMFILE(filename) |
INCRFROMFILENOLOOP | Creates values by incrementing through the values in the file, without looping back through the values. | INCRFROMFILENOLOOP(filename) |
RNDS | Generates random values of a given length. | RNDS(length) |
/usr/share/dirsrv/data
and builds other attributes dynamically.
Example B.1. Example Template File
objectclass: inetOrgPerson sn: [B=RNDFROMFILE(/usr/share/dirsrv/data/dbgen-FamilyNames)] cn: [C=RNDFROMFILE(/usr/share/dirsrv/data/dbgen-GivenNames)] [B] password: test[A] description: user id [A] mail: [C].[B]@example.com telephonenumber: (555) [RNDN(0;999;3)]-[RNDN(0;9999;4)]
ldclt
command, then, uses that template to build an LDIF file with 100,000 entries:
# ldclt -b "ou=people,dc=csb" -e object=inet.txt,rdn='uid:[A=INCRNNOLOOP(0;99999;5)]' -e genldif=100Kinet.ldif,commoncounter
B.1.5.2. Adding Entries
ldclt
tool can add entries that match either of two templates:
- person
- inetorgperson
-f
filter sets the format of the naming attribute for the user entries. For example, -f "cn=MrXXXXX"
creates a name like -f "cn=Mr01234"
. Using the person
or inetorgperson
parameter with -f
creates a basic entry.
objectclass: person sn: ex sn cn: Mr01234
rdn
parameter and an object
file. The full range of options for the entries is covered in Section B.1.5.1, “Generating LDIFs”. The rdn
and object
parameters provide the format for the entries to add or edit in the directory. The rdn
execution parameter takes a keyword pattern (as listed in Table B.4, “ldclt Template LDIF File Keywords”) and draws its entry pool from the entries listed in a text file.
-e rdn='uid:[A=INCRNNOLOOP(0;99999;5)]',object=inet.txt
ldclt
tool creates entries in a numeric sequence. That means that the method of adding those entries and of counting the sequence have to be defined as well. Some possible options for this include:
- -r and -R to set the numeric range for entries
- incr or random to set the method of assigning numbers (these are only used with -f)
- -r and -R to set the numeric range for entries
- noloop, to stop the add operations when it hits the end of the range rather than looping back
Example B.2. Adding Entries
# ldclt -b ou=people,dc=example,dc=com -D "cn=Directory Manager" -w secret -e add,person,incr,noloop,commoncounter -r0 -R99999 -f "cn=MrXXXXX" -v -q
add
operation can also be used to build a directory tree for more complex testing. Whenever an entry is added to the directory that belongs to a non-existent branch, the ldclt
tool automatically creates that branch entry.
Note
cn
, o
, or ou
.
Example B.3. Creating the Directory Tree
# ldclt -b ou=DeptXXX,dc=example,dc=com
-D "cn=Directory Manager" -w secret -e add,person,incr,noloop,commoncounter -r0 -R99999 -f "cn=MrXXXXX" -v -q
B.1.5.3. Search Operations
ldclt
search test simply looks for all entries within the given base DN. This uses two execution parameters: esearch
and random
.
Example B.4. Basic Search Operation
# ldclt -h localhost -p 389 -D "cn=Directory Manager" -w secret -b "ou=people,dc=example,dc=com" -f uid=testXXXXX -e esearch,random -r0 -R99999 -I 32
Important
ldclt
is designed to perform searches that return one entry.
attrlist
execution parameter and a colon-separated list of attributes.
Example B.5. Searching for a List of Attributes
# ldclt -h localhost -p 389 -b "ou=people,dc=example,dc=com" -f uid=XXXXX -e esearch,random -r0 -R99999 -I 32 -e attrlist=cn:mail
ldclt
search operation can return attribute values for attributes randomly selected from the search list. The list is given in the randomattrlist
execution parameter with a colon-separated list of attributes.
Example B.6. Searching for a List of Random Attributes
# ldclt -h localhost -p 389 -b "ou=people,dc=example,dc=com" -f uid=XXXXX -e esearch,random -r0 -R99999 -I 32 -e randomattrlist=cn:sn:ou:uid:mail:mobile:description
Example B.7. Searches with Alternate Filters
# ldclt -h localhost -p 389 -b "ou=people,dc=example,dc=com" -f mail=XXXXXX@example.com
-e esearch,random -r0 -R99999 -I 32 -e randomattrlist=cn:sn:ou:uid:mail:mobile:description
rdn
and object
execution parameters provide the format for the entries to add or edit in the directory. The rdn
execution parameter takes a keyword pattern (as listed in Table B.4, “ldclt Template LDIF File Keywords”) and draws its entry pool from the entries listed in a text file.
Example B.8. Searches with RDN Filters
# ldclt -h localhost -p 389 -b "ou=people,dc=example,dc=com" -e rdn='mail:[RNDN(0;99999;5)]@example.com',object="inet.txt"
-e attrlist=cn:telephonenumber
B.1.5.4. Modify Operations
attreplace
execution parameter replaces specific attributes in the entries.
rdn
and object
parameters provide the format for the entries to add or edit in the directory. The rdn
execution parameter takes a keyword pattern (as listed in Table B.4, “ldclt Template LDIF File Keywords”) and draws its entry pool from the entries listed in a text file.
Example B.9. Modify Operation
# ldclt -h localhost -p 389 -D "cn=Directory Manager" -w secret -b "ou=people,dc=example,dc=com" -e rdn='uid:[RNDN(0;99999;5)]' -I 32 -e attreplace='description: random modify XXXXX'
B.1.5.5. modrdn Operations
ldclt
command supports two kinds of modrdn operations:
- Renaming entries
- Moving an entry to a new parent
ldclt
utility creates the new entry name or parent from a randomly-selected DN.
- rename
- rdn='pattern'
- object=file
rdn
and object
parameters provide the format for the entries to add or edit in the directory. The rdn
execution parameter takes a keyword pattern (as listed in Table B.4, “ldclt Template LDIF File Keywords”) and draws its entry pool from the entries listed in a text file.
Example B.10. Simple Rename Operation
# ldclt -h localhost -p 389 -D "cn=Directory Manager" -w secret -b "ou=people,dc=example,dc=com" -I 32 -I 68 -e rename,rdn='uid:[RNDN(0;999;5)]',object="inet.txt"
withnewparent
execution parameter renames the entry and moves it beneath a new parent entry. If the parent entry does not exist, then the ldclt
tool creates it.[3]
Example B.11. Renaming an Entry and Moving to a New Parent
# ldclt -h localhost -p 389 -D "cn=Directory Manager" -w secret12 -b "ou=DeptXXX,dc=example,dc-com" -I 32 -I 68 -e rename,withnewparent,rdn='uid:Mr[RNDN(0;99999;5)]',object="inet.txt"
B.1.5.6. Delete Operations
ldclt
delete operation is exactly the reverse of the add operation. As with the add, delete operations can remove entries in several different ways:
- Randomly (
-e delete,random
) - RDN-ranges (
-e delete,rdn=
[pattern]) - Sequentially (
-e delete,incr
)
- -e delete,random
- -r and -R for the range bounds
- -f for the filter to match the entries
Example B.12. Random Delete Operations
# ldclt -b "ou=people,dc=example,dc=com" -D "cn=Directory Manager" -w secret -e delete,random -r0 -R99999 -f "uid=XXXXXX" -I 32 -v -q
rdn
execution parameter with a keyword (as listed in Table B.4, “ldclt Template LDIF File Keywords”) and draws its entry pool from the entries listed in a text file. This format requires three execution parameters:
- -e delete
- -e rdn='pattern'
- -e object='file'
Example B.13. RDN-Based Delete Operations
# ldclt -b "ou=people,dc=example,dc=com" -D "cn=Directory Manager" -w secret -e delete,rdn='uid:[INCRNNOLOOP(0;99999;5)]',object="inet.txt" -I 32 -v -q
- -e delete,incr
- -r and -R for the range bounds
- -f for the filter to match the entries
Example B.14. Sequential Delete Operations
# ldclt -b "ou=people,dc=example,dc=com" -D "cn=Directory Manager" -w secret -e delete,incr -r0 -R99999 -f "uid=XXXXXX" -I 32 -v -q
B.1.5.7. Bind Operations
ldclt
thread binds once to the server and then runs all of its operations in a single session. The -e bindeach
can be used with any other operation to instruct the ldclt
tool to bind for each operation and then unbind before initiating the next operation.
-e add,bindeach ...
-e bindeach,bindonly
execution parameters and no other operation information. For example:
# ldclt -h localhost -p 389 -b "ou=people,dc=example,dc=com" -e bindeach,bindonly -e
bind_info
-D
and -w
user name-password pair in the connection parameters.
Note
-e close
option with the bind parameters to test the affect that dropping connections has on the Directory Server, instead of unbinding cleanly.
Example B.15. Bind Only and Close Tests
# ldclt -h localhost -p 389 -D "cn=Directory Manager" -w secret
-e bindeach,bindonly,close
randombinddnfromfile
) or using a DN selected randomly from within a range (-e randombinddn,randombinddnlow=X,randombinddnhigh=Y
).
Example B.16. Random Binds from Identities in a File
# ldclt -h localhost -p 389 -e bindeach,bindonly -e randombinddnfromfile=/tmp/testbind.txt
-e add
, where the accounts were added in a range. The ldclt
tool can autogenerate values using X as a variable and incrementing through the specified range.
Example B.17. Random Binds from Random Base DN
# ldclt -h localhost -p 389 -e bindeach,bindonly -D "uid=XXXXX,dc=example,dc=com" -w testXXXXX -e randombinddn,randombinddnlow=0,randombinddnhigh=99999
B.1.5.8. Running Operations on Random Base DNs
randombase
parameters set the range of organizational units to select from. A variable in the -b
base entry sets the format of the base DN.
-b "ou=DeptXXX,dc=example,dc=com" -e randombase,randombaselow=0,randombasehigh=999 ...
B.1.5.9. TLS Authentication
- The connection parameters,
-Z
, which gives the path to the security databases for the Directory Server - The execution parameters,
cltcertname
,keydbfile
, andkeydbpin
, which contains the information that the server will prompt to access the TLS databases
# ldclt -h host -p port -e bindeach,bindonly -Z certPath -e cltcertname=certName,keydbfile=filename,keydbpin=password
B.1.5.10. Abandon Operations
-e abandon
parameter opens and then cancels operations on the server. This can be run by itself or with other types of operations (like -e add
or -e esearch
).
# ldclt -e abandon -h localhost -p 389 -D "cn=Directory Manager" -w secret -v -q -b "ou=people,dc=example,dc=com"