Things have changed quite a bit in this new LDAP version; as you all know by now, its configuration has been moved to the LDAP DB tree itself, and if you’re gonna add/modify stuff from the command line, you’ll need to use the cryptic LDAP syntax.

Here’s how to get started; say you wish to create a new LDAP database for “dc=gradew,dc=net”:

1) Create the database for the new domain: ldapadd -Y EXTERNAL -H ldapi:/// -f creation.ldif

2) Add the initial tree (admin password is “secret”): ldapadd -x -D "cn=admin,dc=gradew,dc=net" -W -f initial.ldif

3) Create a new user: ldapadd -x -D "cn=admin,dc=gradew,dc=net" -W -f create_user.ldif

4) Modify the user’s password: ldapmodify -x -D cn=admin,dc=gradew,dc=net -W -f modify_user.ldif

And a few notes:

  • Dump the LDAP database for a given domain: slapcat -b dc=gradew,dc=net
  • Search info on a given user: ldapsearch -x -h localhost -D 'uid=user1,ou=people,dc=gradew,dc=net' -W '(uid=user1)'