Perform LDAP delete operations in the Directory Server.
This tool can be used to delete one or more entries to delete either by specifying the DNs as trailing arguments on the command line or by specifying the DNs in a file and using the --file argument.
ldapdelete --bindDN uid=admin,dc=example,dc=com --bindPassword password \
uid=jdoe,ou=People,dc=example,dc=com uid=rroe,ou=People,dc=example,dc=com
ldapdelete --bindDN uid=admin,dc=example,dc=com --bindPassword password \
--filename /usr/local/entry_dns.txt --continueOnError
-H
--help
| Description | Display general usage information |
--help-ldap
| Description | Display help for using LDAP options |
--help-sasl
| Description | Display help for using SASL options |
--help-debug
| Description | Display help for using debug options |
| Advanced | Yes |
--propertiesFilePath {propertiesFilePath}
| Description | Path to the file that contains default property values used for command-line arguments |
| Required | No |
| Multi-Valued | No |
--noPropertiesFile
| Description | Specify that no properties file will be used to get default command-line argument values |
-h {host}
--hostname {host}
| Description | Directory Server hostname or IP address |
| Default Value | localhost |
| Required | No |
| Multi-Valued | No |
-p {port}
--port {port}
| Description | Directory Server port number |
| Default Value | 389 |
| Required | No |
| Multi-Valued | No |
-Z
--useSSL
| Description | Use SSL for secure communication with the server |
-q
--useStartTLS
| Description | Use StartTLS to secure communication with the server |
-D {bindDN}
--bindDN {bindDN}
| Description | DN used to bind to the server |
| Required | No |
| Multi-Valued | No |
-w {bindPassword}
--bindPassword {bindPassword}
| Description | Password used to bind to the server |
| Required | No |
| Multi-Valued | No |
-j {bindPasswordFile}
--bindPasswordFile {bindPasswordFile}
| Description | Bind password file |
| Required | No |
| Multi-Valued | No |
-f {file}
--filename {file}
| Description | File containing the DNs of the entries, with one DN per line |
| Required | No |
| Multi-Valued | No |
-r
--useSASLExternal
| Description | Use the SASL EXTERNAL authentication mechanism |
-o {name=value}
--saslOption {name=value}
| Description | SASL bind options |
| Required | No |
| Multi-Valued | Yes |
-X
--trustAll
| Description | Trust all server SSL certificates |
-K {keyStorePath}
--keyStorePath {keyStorePath}
| Description | Certificate key store path |
| Required | No |
| Multi-Valued | No |
-W {keyStorePassword}
--keyStorePassword {keyStorePassword}
| Description | Certificate key store PIN |
| Required | No |
| Multi-Valued | No |
-u {keyStorePasswordFile}
--keyStorePasswordFile {keyStorePasswordFile}
| Description | Certificate key store PIN file |
| Required | No |
| Multi-Valued | No |
-N {nickname}
--certNickname {nickname}
| Description | Nickname of the certificate for SSL client authentication |
| Required | No |
| Multi-Valued | No |
-P {trustStorePath}
--trustStorePath {trustStorePath}
| Description | Certificate trust store path |
| Required | No |
| Multi-Valued | No |
--trustStorePassword {trustStorePassword}
| Description | Certificate trust store PIN |
| Required | No |
| Multi-Valued | No |
-U {path}
--trustStorePasswordFile {path}
| Description | Certificate trust store PIN file |
| Required | No |
| Multi-Valued | No |
-x
--deleteSubtree
| Description | Delete the specified entry and all entries below it |
-J {controloid[:criticality[:value|::b64value|:
--control {controloid[:criticality[:value|::b64value|:
| Description | Use a request control with the provided information |
| Required | No |
| Multi-Valued | Yes |
--version
| Description | Display Directory Server version information |
-V {version}
--ldapVersion {version}
| Description | LDAP protocol version number |
| Default Value | 3 |
| Required | No |
| Multi-Valued | No |
-i {encoding}
--encoding {encoding}
| Description | Use the specified character set for command-line input |
| Required | No |
| Multi-Valued | No |
-c
--continueOnError
| Description | Continue processing even if there are errors |
-n
--dry-run
| Description | Show what would be done but do not perform any operation |
--useAdministrativeSession
| Description | Attempt to use an administrative session to have operations processed on a dedicated pool of worker threads. This may be useful when trying to diagnose problems in a server that is unresponsive because all normal worker threads are busy processing other requests |
-s
--useSoftDelete
| Description | Process delete operations as soft delete requests, whereby entries are renamed and hidden instead of being permanently deleted. The Directory Server must be configured to allow soft deletes |
--useHardDelete
| Description | Process delete operations with the Hard Delete Request Control. The Hard Delete Request Control bypasses any automatic soft delete policies and processes the delete request immediately without retaining the entry as a soft-deleted entry. The Directory Server must be configured to allow soft deletes for this option to apply |
-v
--verbose
| Description | Use verbose mode |