Search one or more LDIF files to identify entries matching a given set of criteria.
ldifsearch --ldifFile data.ldif "(uid=jdoe)"
ldifsearch --ldifFile data.ldif --outputFile people.ldif \
--baseDN dc=example,dc=com --scope sub "(objectClass=person)" givenName sn \
cn
-V
--version
| Description | Display PingAuthorize Server version information |
-H
--help
| Description | Display general usage information |
--help-debug
| Description | Display help for using debug options |
| Advanced | Yes |
-l {path}
--ldifFile {path}
| Description | the path to an LDIF file containing the entries to search. This must be provided at least once, but if multiple files are given, they will be searched in the order provided. The file may optionally be compressed or encrypted. |
| Required | Yes |
| Multi-Valued | Yes |
--ldifEncryptionPassphraseFile {path}
| Description | The path to the file containing the passphrase used to encrypt the contents of the target LDIF file. If this argument is provided, the file must exist and must contain exactly one line that contains only the encryption passphrase. If the target LDIF file is encrypted but this argument is not provided, and if the file was not encrypted with a key from the server's encryption settings database, then the tool will interactively prompt for the passphrase. |
| Required | No |
| Multi-Valued | No |
--stripTrailingSpaces
| Description | Strip off any illegal trailing spaces identified in LDIF entries rather than rejecting those entries. |
--schemaPath {path}
| Description | The path to an LDIF file (or a directory containing multiple LDIF files) with the schema definitions to use during processing. This argument may be used multiple times to specify multiple schema paths. If this argument is ot provided, the server's schema will be used. |
| Required | No |
| Multi-Valued | Yes |
--checkSchema
| Description | Indicates whether to validate each entry read from an LDIF file to ensure that it conforms to the defined schema. If this argument is provided, an error will be reported for every entry that does not conform to the schema. |
-o {path}
--outputFile {path}
| Description | The path to an output file to which matching entries will be written. If this is not provided, then matching entries will be written to standard output. |
| Required | No |
| Multi-Valued | No |
--separateOutputFilePerSearch
| Description | Use a separate output LDIF file for each search filter. This argument is only applicable if either the --filterFile or --ldapURLFile argument is provided to specify multiple sets of search criteria. If this argument is given, then each output file will use the path specified by the --outputFile argument, followed by a period and a number indicating which search criteria is being used (e.g., '.1'; for the first set of search criteria, '.2' for the second, and so on). |
--compressOutput
| Description | GZIP-compress the data as it is written to each output file. |
--encryptOutput
| Description | Encrypt the data as it is written to each output file. If the '--outputEncryptionPassphraseFile' argument is provided, then the passphrase contained in that file will be used to encrypt the output. Otherwise, the tool will interactively prompt for the passphrase. |
--outputEncryptionPassphraseFile {path}
| Description | The path to a file containing the passphrase to use to encrypt the contents of the output files. If this argument is provided, then the file must exist, and it must contain exactly one line comprised entirely of the encryption passphrase. |
| Required | No |
| Multi-Valued | No |
-O
--overwriteExistingOutputFile
| Description | Overwrite any output file that already exists, rather than appending to it. This argument must be provided if the output file already exists and either of the '--compressOutput' or '--encryptOutput' arguments is provided. |
--outputFormat {ldif|json|csv|multi-valued-csv|tab-delimited|multi-valued-tab-delimited|dns-only|values-only}
| Description | Specifies the format that should be used for the output generated by this tool. Allowed values are 'LDIF' (LDAP Data Interchange Format, which is the standard string representation for LDAP data), 'JSON' (JavaScript Object Notation, which is a popular format used by web services), 'CSV' (comma-separated values, which is a commonly used format for text processing, with only a single value per attribute), 'multi-valued-csv' (comma-separated values with a vertical bar between values of multivalued attributes), 'tab-delimited' (another commonly used general text format, with only a single value per attribute), 'multi-valued-tab-delimited' (tab-delimited text with a vertical bar between values of multivalued attributes), 'dns-only' (in which only the DN of each matching entry will be written on a line by itself with no information about the entry's attributes), and 'values-only' (in which each value returned will be written on a line by itself with no attribute names, entry DNs, or delimiters between entries). If the single-valued or multivalued CSV or tab-delimited formats are used then there must be a specific set of attributes requested, and the order in which values are returned will match the order in which they are requested. Further, the CSV and tab-delimited formats cannot be used in conjunction with the '--ldapURLFile' argument. If no output format is specified, a default of 'LDIF' will be used. |
| Default Value | ldif |
| Required | No |
| Multi-Valued | No |
--wrapColumn {value}
| Description | The column at which long lines should be wrapped. By default, long lines will be wrapped based on the terminal width (or 80 columns if the terminal width cannot be determined). |
| Upper Bound | 2147483647 |
| Required | No |
| Multi-Valued | No |
-T
--doNotWrap
| Description | Do not wrap long lines as they are written. |
-b {dn}
--baseDN {dn}
| Description | The base DN to use when searching for matching entries. This argument must not be provided if the --ldapURLFile argument is given, as the base DN from each URL will be used. If no LDAP URL file is given and this argument is not provided, then the null DN will be used as the search base. |
| Required | No |
| Multi-Valued | No |
-s {base|one|sub|subordinates}
--scope {base|one|sub|subordinates}
| Description | The scope to use when searching for matching entries. This argument must not be provided if the --ldapURLFile argument is given, as the scope from each URL will be used. If no LDAP URL file is given and this argument is not provided, then a default scope of 'sub' will be used. |
| Allowed Values |
sub subord base one |
| Required | No |
| Multi-Valued | No |
-f {path}
--filterFile {path}
| Description | The path to a file containing one or more search filters (each on a separate line) to use to identify matching entries. If neither this argument nor the --ldapURLFile argument is provided, then the filter must be provided as the first trailing argument. |
| Required | No |
| Multi-Valued | Yes |
--ldapURLFile {path}
| Description | The path to a file containing one or more LDAP URLs (each on a separate line) with the criteria to use to identify matching entries. Note that only the base DN, scope, filter, and requested attributes will be used from the LDAP URLs; the server address and port (if any) will be ignored. If neither this argument nor the --filterFile argument is provided, then the filter must be provided as the first trailing argument. |
| Required | No |
| Multi-Valued | Yes |
--interactive
| Description | Launch the tool in interactive mode. |
--propertiesFilePath {path}
| Description | The path to a properties file used to specify default values for arguments not supplied on the command line. |
| Required | No |
| Multi-Valued | No |
--generatePropertiesFile {path}
| Description | Write an empty properties file that may be used to specify default values for arguments. |
| Required | No |
| Multi-Valued | No |
--noPropertiesFile
| Description | Do not obtain any argument values from a properties file. |
--suppressPropertiesFileComment
| Description | Suppress output listing the arguments obtained from a properties file. |