ldapcompare — perform LDAP compare operations
ldapcompare
{options} [[attribute] | [:] | [value]] [DN...]
The following options are supported.
--assertionFilter {filter}
Use the LDAP assertion control with the provided filter
-c, --continueOnError
Continue processing even if there are errors
-f, --filename {file}
LDIF file containing one DN per line of entries to compare
-J, --control {controloid[:criticality[:value|::b64value|:<filePath]]}
Use a request control with the provided information
-n, --dry-run
Show what would be done but do not perform any operation
-Y, --proxyAs {authzID}
Use the proxied authorization control with the given authorization ID
-D, --bindDN {bindDN}
DN to use to bind to the server
Default value: cn=Directory Manager
-E, --reportAuthzID
Use the authorization identity control
-h, --hostname {host}
Directory server hostname or IP address
Default value: localhost.localdomain
-j, --bindPasswordFile {bindPasswordFile}
Bind password file
-K, --keyStorePath {keyStorePath}
Certificate key store path
-N, --certNickname {nickname}
Nickname of certificate for SSL client authentication
-o, --saslOption {name=value}
SASL bind options
-p, --port {port}
Directory server port number
Default value: 389
-P, --trustStorePath {trustStorePath}
Certificate trust store path
-q, --useStartTLS
Use StartTLS to secure communication with the server
-T, --trustStorePassword {trustStorePassword}
Certificate trust store PIN
-u, --keyStorePasswordFile {keyStorePasswordFile}
Certificate key store PIN file
-U, --trustStorePasswordFile {path}
Certificate trust store PIN file
--usePasswordPolicyControl
Use the password policy request control
-V, --ldapVersion {version}
LDAP protocol version number
Default value: 3
-w, --bindPassword {bindPassword}
Password to use to bind to the server
-W, --keyStorePassword {keyStorePassword}
Certificate key store PIN
-X, --trustAll
Trust all server SSL certificates
-Z, --useSSL
Use SSL for secure communication with the server
-i, --encoding {encoding}
Use the specified character set for command-line input
--noPropertiesFile
No properties file will be used to get default command line argument values
--propertiesFilePath {propertiesFilePath}
Path to the file containing default property values used for command line arguments
-v, --verbose
Use verbose mode
The command completed successfully.
ldap-error
An LDAP error occurred while processing the operation.
LDAP result codes are described in RFC 4511. Also see the additional information for details.
An error occurred while parsing the command-line arguments.
You can use ~/.opendj/tools.properties
to set
the defaults for bind DN, host name, and port number as in the following
example.
hostname=directory.example.com port=1389 bindDN=uid=kvaughan,ou=People,dc=example,dc=com ldapcompare.port=1389 ldapdelete.port=1389 ldapmodify.port=1389 ldappasswordmodify.port=1389 ldapsearch.port=1389
The following examples demonstrate comparing Babs Jensen's UID.
The following example uses a matching UID value.
$ ldapcompare -p 1389 uid:bjensen uid=bjensen,ou=people,dc=example,dc=com Comparing type uid with value bjensen in entry uid=bjensen,ou=people,dc=example,dc=com Compare operation returned true for entry uid=bjensen,ou=people,dc=example,dc=com
The following example uses a UID value that does not match.
$ ldapcompare -p 1389 uid:beavis uid=bjensen,ou=people,dc=example,dc=com Comparing type uid with value beavis in entry uid=bjensen,ou=people,dc=example,dc=com Compare operation returned false for entry uid=bjensen,ou=people,dc=example,dc=com