LDAP / TDS commands

1. Search:

  • All LDAP entries on non-SSL port:

/<ldap_install>/bin/ldapsearch -b "dc=ibm,dc=com" "cn=*" (or "cn=Ishtiaque*")

  • All LDAP entries on SSL port:

/<ldap_install>/bin/ldapsearch -Z -K <ldap_install>/etc/key.kdb -P ssl_password -b "dc=ibm,dc=com" "cn=*"

Note: The LDAP server must be configured on the SSL port. key.kdb and ssl_password are the default LDAP certificate database and its password, respectively.

  • LDAP server with a bind user:

/<ldap_install>/bin/ldapsearch -b "dc=ibm,dc=com" -s one "objectclass=*" -D "uid=wpsbind,cn=users,dc=ibm,dc=com" -w password

  • Search a particular user:

/<ldap_install>/bin/ldapsearch -b "dc=ibm,dc=com" -D "cn=root" -w password "cn=myuserid"

4. Delete a user:

/<ldap_install>/bin/idsldapmodify -D cn=root -w passw0rd -f /tmp/deleteUser.ldif

Contents of /tmp/deleteUser.ldif:

dn: cn=test123,cn=users,o=tst,c=com
changetype: delete

5. Modify: add a user to a group:

/<ldap_install>/bin/idsldapmodify -D cn=root -w passw0rd -f /tmp/modifyUser.ldif

Contents of /tmp/modifyUser.ldif:

dn: cn=wpsContentAdministrators,cn=groups,o=tst,c=com
changetype: modify
add: uniqueMember
uniqueMember: uid=wpsadmin,cn=users,o=tst,c=com

6. Create a new user:

/<ldap_install>/bin/ldapadd -D cn=root -w passw0rd -f /tmp/addUser.ldif

Contents of /tmp/addUser.ldif:

dn: cn=tst123,cn=users,o=tst,c=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: ePerson
cn: eservicetestuser
cn: tst123
sn: eservicetestuser
uid: tst123
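
The LDIF files in items 4 to 6 are applied with the cn=root bind, so it helps to review what a file will change before running it. The following is an added example, not part of the original post: it lists each record's changetype and DN (unfolding continuation lines) and flags records outside an expected suffix. The function names ldif_summary and ldif_outside_suffix and the sample records are constructed for illustration.

```shell
# Added example: helper names and the sample LDIF below are constructed.
# Print "<changetype><TAB><dn>" for every record in an LDIF file.
ldif_summary() {
    awk '
    function flush() {
        if (dn != "") printf "%s\t%s\n", (ct == "" ? "add" : ct), dn
        dn = ""; ct = ""
    }
    function handle(line,    key, val) {
        if (line == "") { flush(); return }       # blank line ends a record
        if (line ~ /^#/) return                   # comment line
        key = tolower(line); sub(/:.*/, "", key)
        val = line; sub(/^[^:]*: */, "", val)
        if (key == "dn") dn = (line ~ /^[^:]*::/ ? "<base64 dn>" : val)
        else if (key == "changetype") ct = tolower(val)
    }
    { sub(/\r$/, "") }                            # tolerate CRLF files
    /^ / { buf = buf substr($0, 2); next }        # unfold continuation lines
    { if (NR > 1) handle(buf); buf = $0 }
    END { if (NR > 0) handle(buf); flush() }
    ' "$1"
}

# Print records whose DN is not at or under SUFFIX; return 1 if any exist.
ldif_outside_suffix() {
    ldif_summary "$1" | awk -F '\t' -v suffix="$2" '
    BEGIN { s = tolower(suffix); n = length(s); bad = 0 }
    { d = tolower($2); under = (substr(d, length(d) - n) == ("," s))
      if (d != s && !under) { print; bad = 1 } }
    END { exit bad }
    '
}

sample=$(mktemp); trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
dn: cn=test123,cn=users,o=tst,c=com
changetype: delete

dn: cn=wpsContentAdministrators,cn=groups,
 o=tst,c=com
changetype: modify
add: uniqueMember
uniqueMember: uid=wpsadmin,cn=users,o=tst,c=com

dn: cn=tst123,cn=users,o=ibm,c=us
sn: tst123
EOF
ldif_summary "$sample"
ldif_outside_suffix "$sample" "o=tst,c=com" || echo "^ outside o=tst,c=com"
```

Records without a changetype line are reported as add, which matches how a content file such as addUser.ldif is loaded with ldapadd.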

7. Export all users:

/sbin/idsdb2ldif -I ldapdb2 -o /tmp/all.ldif -W /tmp/output.log

  • Export all users in a specified branch:

/sbin/idsdb2ldif -I ldapdb2 -s o=ibm,c=us -o /tmp/all.ldif

  • Export specified user:

/sbin/idsdb2ldif -I ldapdb2 -s cn=test,o=ibm,c=us -o /tmp/all.ldif

9. Import all users:

/sbin/idsldif2db -I ldapdb2 -i /tmp/all.ldif -W /tmp/output.log

10. Start and Stop commands:

  • Find status of the server:

– /opt/IBM/ldap/V6.3/bin/ibmdirctl -D cn=root -w password status

  • Stop the server:

– /opt/IBM/ldap/V6.3/sbin/ibmslapd -I ldapdb2 -k

– /opt/IBM/ldap/V6.3/bin/ibmdirctl -D cn=root -w password stop

– /opt/IBM/ldap/V6.3/sbin/idsdiradm -k (Admin instance)

  • Start the server:

– /opt/IBM/ldap/V6.3/sbin/ibmslapd -I ldapdb2

– /opt/IBM/ldap/V6.3/bin/ibmdirctl -D cn=root -w password start

– /opt/IBM/ldap/V6.3/sbin/idsdiradm (Admin instance)

11. Enable traces during Startup:

– /opt/IBM/ldap/V6.3/sbin/ldtrc info

– /opt/IBM/ldap/V6.3/sbin/ldtrc on

– ibmslapd -I ldapdb2 -n -h 65535 2>&1 | tee /tmp/slapd_trace.out (start the server in debug mode)

– /opt/IBM/ldap/V6.3/sbin/ldtrc off

12. List instances:

– /opt/IBM/ldap/V6.3/sbin/idsilist -a


About Ishtiaque

I am an IBM Certified Infrastructure Systems Architect, Linux Foundation Certified System Administrator, Oracle Certified Programmer in Java and Web Component Developer, and TOGAF 9 certified with over 10 years of support and development experience in IBM middleware software and Java. Additionally, I have a sound grip on databases and OpenStack administration. I hold the following certifications:

  • IBM Certified Infrastructure Systems Architect
  • Linux Foundation Certified System Administrator (LFCS)
  • TOGAF 9 Certified
  • Oracle Certified Expert, Java EE6 Web Component Developer
  • Oracle Certified Professional – Java 6 Programmer
  • ITIL v3 Foundation Certified
  • IBM Certified Solution Architect – Cloud Computing Infrastructure V1
  • IBM Certified System Administrator – WebSphere Portal V8, V7, V6.1, V6
  • IBM Certified System Administrator – WebSphere Application Server V7, V6.1
  • IBM Certified System Administrator – AIX V7
  • IBM Certified System Administrator – WebSphere MQ V7
  • IBM Certified Deployment Professional – Business Process Manager Advanced V7.5
  • IBM Certified Solution Advisor – Cloud Computing Architecture V3
  • IBM Certified Solution Developer – WebSphere Portal V5.1