The following syntax is valid if the same keyword applies throughout the transaction:
dn:
changetype: keyword
subkeyword: attribute
attribute: value
subkeyword: attribute
attribute: value
subkeyword: attribute
attribute: value
.
.
.
subkeyword: attribute entries are optional and indicate that you want to apply the change to a specific attribute within the entry. If there are no subkeyword: attribute entries in the transaction, the change applies to the entire entry. For example, it is faster to delete an entire entry:
dn: radiusname=TINYCO.COM,radiusclass=client,o=radius
changetype: delete
but if you want to delete only a few attributes from the entry, you may do so:
dn: radiusname=TINYCO.COM,radiusclass=client,o=radius
changetype: delete
delete:
If the subkeyword is add or replace, an attribute: value entry must
appear immediately following the subkeyword: attribute entry. If the
subkeyword is delete, the attribute: value entry does not apply and should be omitted.
Adding Records
You can populate an LDAP database by creating an LDIF file that imports entries from one LDAP database into another. You can search the first database for the entries you want, then add them to the second database. You can even use the search operation to filter out attributes from the first database that you do not want in the second database. You can search the first database using ldapsearch. This creates an LDIF file which you can then input to ldapmodify.
To import entries from one LDAP database into another, run the ldapsearch command on the first database. Request only the attributes you want for the new database. When ldapsearch completes processing, edit the output LDIF file.
After each line that begins with dn:, add a single line containing the text
RSA RADIUS Server 6.1 Administrator’s Guide Using the LDAP Configuration Interface | 93 |