WebSphere Issues


LDAP / TDS commands

Filed under: TDS — Ishtiaque @ 6:47 am

1. Search:

  • All LDAP entries on non-SSL port:

/<ldap_install>/bin/ldapsearch -b dc=ibm,dc=com "cn=*" (OR "cn=Ishtiaque*")

  • All LDAP entries on SSL port:

/<ldap_install>/bin/ldapsearch -Z -K /<ldap_install>/etc/key.kdb -P ssl_password -b dc=ibm,dc=com "cn=*"

Note: The LDAP server must be configured on an SSL port; key.kdb and ssl_password are the default LDAP certificate database and its password, respectively.

  • LDAP server with a bind user:

/<ldap_install>/bin/ldapsearch -b dc=ibm,dc=com -s one "objectclass=*" -D "uid=wpsbind,cn=users,dc=ibm,dc=com" -w password

  • Search a particular user:

/<ldap_install>/bin/ldapsearch -b dc=ibm,dc=com -D "cn=root" -w password "cn=myuserid"

4. Delete a user:

/<ldap_install>/bin/idsldapmodify -D cn=root -w passw0rd -f /tmp/deleteUser.ldif

Contents of /tmp/deleteUser.ldif:

dn: cn=test123,cn=users,o=tst,c=com
changetype: delete

5. Modify: Add a user to a group

/<ldap_install>/bin/idsldapmodify -D cn=root -w passw0rd -f /tmp/modifyUser.ldif

Contents of /tmp/modifyUser.ldif:

dn: cn=wpsContentAdministrators,cn=groups,o=tst,c=com
changetype: modify
add: uniqueMember
uniqueMember: uid=wpsadmin,cn=users,o=tst,c=com

6. Create a new user:

/<ldap_install>/bin/ldapadd -D cn=root -w passw0rd -f /tmp/addUser.ldif

Contents of /tmp/addUser.ldif:

dn: cn=tst123,cn=users,o=tst,c=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: ePerson
cn: eservicetestuser
cn: tst123
sn: eservicetestuser
uid: tst123
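
Before applying a change file with idsldapmodify or ldapadd -f, it helps to list which entries it will touch. The following is an added example, not part of the original post: ldif_preflight is a hypothetical helper name, the sample records are constructed from the LDIF shown above, and DN matching is assumed to be a plain case-insensitive string comparison.

```shell
# Added example (not from the original post). ldif_preflight is a hypothetical
# helper: it prints STATUS<TAB>changetype<TAB>dn for every record and returns
# non-zero if any DN lies outside the expected base DN. Assumptions: no DN
# whitespace normalisation; base64 "dn::" values are not decoded (fail closed).
ldif_preflight() {   # $1 = LDIF file, $2 = base DN every record must sit under
    awk -v base="$2" '
    function emit(   low, b, ok) {
        if (dn == "") return
        if (ct == "") ct = "add"   # no changetype: plain entry as fed to ldapadd
        low = tolower(dn); b = tolower(base)
        ok = (low == b) || (length(low) > length(b) &&
             substr(low, length(low) - length(b)) == "," b)
        printf "%s\t%s\t%s\n", (ok ? "OK" : "OUT-OF-SCOPE"), ct, dn
        if (!ok) bad = 1
        dn = ""; ct = ""
    }
    function handle(l) {
        if (l == "") { emit(); return }          # blank line ends a record
        if (l ~ /^#/) return                     # LDIF comment
        if (tolower(l) ~ /^dn:/) { emit(); dn = l; sub(/^[^:]*:[ ]*/, "", dn) }
        else if (tolower(l) ~ /^changetype:/) {
            ct = tolower(l); sub(/^[^:]*:[ ]*/, "", ct)
        }
    }
    { sub(/\r$/, "") }                           # tolerate CRLF files
    /^ / { buf = buf substr($0, 2); next }       # unfold continuation lines
    { handle(buf); buf = $0 }
    END { handle(buf); emit(); exit bad + 0 }
    ' "$1"
}
# Constructed sample: the delete and modify records from above (one DN folded),
# plus a record under a different suffix that should be rejected.
sample=$(mktemp)
cat > "$sample" <<'EOF'
dn: cn=test123,cn=users,o=tst,c=com
changetype: delete

dn: cn=wpsContentAdministrators,cn=groups,
 o=tst,c=com
changetype: modify
add: uniqueMember
uniqueMember: uid=wpsadmin,cn=users,o=tst,c=com

dn: cn=test,o=ibm,c=us
changetype: delete
EOF
ldif_preflight "$sample" "o=tst,c=com" || echo "out-of-scope record: do not apply"
rm -f "$sample"
```

mktemp creates the file readable only by its owner, unlike a hand-made file under /tmp.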

7. Export all users:

/sbin/idsdb2ldif -I ldapdb2 -o /tmp/all.ldif -W /tmp/output.log

  • Export all users in a specified branch:

/sbin/idsdb2ldif -I ldapdb2 -s o=ibm,c=us -o /tmp/all.ldif

  • Export specified user:

/sbin/idsdb2ldif -I ldapdb2 -s cn=test,o=ibm,c=us -o /tmp/all.ldif

9. Import all users:

/sbin/idsldif2db -I ldapdb2 -i /tmp/all.ldif -W /tmp/output.log

10. Start and Stop commands:

  • Find status of the server:

– /opt/IBM/ldap/V6.3/bin/ibmdirctl -D cn=root -w password status

  • Stop the server:

– /opt/IBM/ldap/V6.3/sbin/ibmslapd -I ldapdb2 -k

– /opt/IBM/ldap/V6.3/bin/ibmdirctl -D cn=root -w password stop

– /opt/IBM/ldap/V6.3/sbin/idsdiradm -k (Admin instance)

  • Start the server:

– /opt/IBM/ldap/V6.3/sbin/ibmslapd -I ldapdb2

– /opt/IBM/ldap/V6.3/bin/ibmdirctl -D cn=root -w password start

– /opt/IBM/ldap/V6.3/sbin/idsdiradm (Admin instance)

11. Enable traces during Startup:

– /opt/IBM/ldap/V6.3/sbin/ldtrc info

– /opt/IBM/ldap/V6.3/sbin/ldtrc on

– ibmslapd -I ldapdb2 -n -h 65535 2>&1 | tee /tmp/slapd_trace.out (start the server in debug mode)

– /opt/IBM/ldap/V6.3/sbin/ldtrc off

12. List instances:

– /opt/IBM/ldap/V6.3/sbin/idsilist -a

