Show Table of Contents
3.4. Updating a Directory Entry
When you modify a directory entry, use the
changetype: modify statement. Depending on the change operation, you can add, change, or delete attributes from the entry.
Use the
ldapmodify utility to send the LDIF statements to Directory Server. For example, in interactive mode:
# ldapmodify -D "cn=Directory Manager" -W -p 389 -h server.example.com -x
For further details on the parameters used in
ldapmodify commands, see the ldapmodify(1) man page.
3.4.1. Adding Attributes to an Entry
To add an attribute to an entry, use the
add operation.
For example, to add the
telephoneNumber attribute with the 555-1234567 value to the uid=user,dc=people,dc=example,dc=com entry:
# ldapmodify -D "cn=Directory Manager" -W -p 389 -h server.example.com -x dn: uid=user,dc=people,dc=example,dc=com changetype: modify add: telephoneNumber telephoneNumber: 555-1234567
If an attribute is multi-valued, you can specify the attribute name multiple times to add all the values in a single operation. For example, to add two
telephoneNumber attributes at once to the uid=user,dc=people,dc=example,dc=com:
# ldapmodify -D "cn=Directory Manager" -W -p 389 -h server.example.com -x dn: uid=user,dc=people,dc=example,dc=com changetype: modify add: telephoneNumber telephoneNumber: 555-1234567 telephoneNumber: 555-7654321
3.4.2. Updating an Attribute's Value
The procedure for updating an attribute's value depends on if the attribute is single-valued or multi-valued.
Updating a Single-value Attribute
When updating a single-value attribute, use the
replace operation to override the existing value. The following command updates the manager attribute of the uid=user,dc=people,dc=example,dc=com entry:
# ldapmodify -D "cn=Directory Manager" -W -p 389 -h server.example.com -x dn: uid=user,dc=people,dc=example,dc=com changetype: modify replace: manager manager: uid=manager_name,dc=people,dc=example,dc=com
Updating a Specific Value of a Multi-value Attribute
To update a specific value of a multi-value attribute, you must first delete the entry you want to replace, and then add the new value. The following command updates only the
telephoneNumber attribute that is currently set to 555-1234567 in the uid=user,dc=people,dc=example,dc=com entry:
# ldapmodify -D "cn=Directory Manager" -W -p 389 -h server.example.com -x dn: uid=user,dc=people,dc=example,dc=com changetype: modify delete: telephoneNumber telephoneNumber: 555-1234567 - add: telephoneNumber telephoneNumber: 555-9876543
3.4.3. Deleting Attributes from an Entry
To delete an attribute from an entry, use the
delete operation.
Deleting an Attribute
For example, to delete the
manager attribute from the uid=user,dc=people,dc=example,dc=com entry:
# ldapmodify -D "cn=Directory Manager" -W -p 389 -h server.example.com -x dn: uid=user,dc=people,dc=example,dc=com changetype: modify delete: manager
Note
If the attribute contains multiple values, this operation deletes all of them.
Deleting a Specific Value of a Multi-value Attribute
If you want to delete a specific value from a multi-value attribute, list the attribute and its value in the LDIF statement. For example, to delete only the
telephoneNumber attribute that is set to 555-1234567 from the uid=user,dc=people,dc=example,dc=com entry:
# ldapmodify -D "cn=Directory Manager" -W -p 389 -h server.example.com -x dn: uid=user,dc=people,dc=example,dc=com changetype: modify delete: telephoneNumber telephoneNumber: 555-1234567