Child pages
  • LDAP Stuff

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migration of unmigrated content due to installation of a new plugin
Table of Contents


This document contains helpful LDAP tips and tricks.


ACI to restrict an attribute based on its existence of the attribute name as the value of another attribute:

Code Block
(targetattr = "mail") (targetfilter =
(|(uoRestrictAttributeRestricted=mail)(uoRestrictAttributeInternal=mail))) (version 3.0;acl "Email privacy";deny (read,compare,search)(userdn = "ldap:///some dn" or userdn = "ldap:///some other dn");)

Search Rate

Code Block
./searchrate -s base --baseDN "ou=pple,dc=ucsf,dc=edu" -a -t 30 --filter "objectclass=*" --maxOutstandingRequests 500 --port 1389 -D "cn=directory manager" --bindPasswordFile ~/Programming/directory/dirmanager -A cn

Tree Delete

Tree delete from the command line using OpenDS cli tools:

Code Block
ldapdelete --hostname localhost --port 1636 --bindDN "cn=Directory Manager" -j /home/opendsuser/odspwd --trustAll --useSSL --noPropertiesFile -J 1.2.840.113556.1.4.805 ou=people,dc=ucsf,dc=edu