Operating Systems

• ldapdelete: LDAPDLET

• ldapmodrdn: LDAPMRDN.

These LDAP commands are located on the TCPMAINT 592 disk. Make sure you link to and access it before trying to execute any of the commands.

Some of the LDAP command parameters entered in CMS may require certain special characters that the z/VM Control Program (CP) intercepts. Specific special characters could be used to edit commands as they’re entered. Turn off this default CP behavior to enter LDAP commands. To turn off all line editing, use the command:


To look at information in the LDAP back-end, use the ldapsearch command; the CMS equivalent is ldapsrch.

Use the following ldapsrch command to test communication with the LDAP server:

ldapsrch -h -s base -b "ou=vm,dc=

VMAssist,dc=com" "objectclass=*"

The -h option identifies the host that you want to request information from—the local host in this case. The option -w is the password you entered in the configuration file for adminPW. The -s option is the scope of the search; you ask LDAP to search the base of the LDAP tree. The other search options are all (for the entire tree) or one (which is one level). The -b option tells the LDAP server where to start the search. Our fictional implementation has only one level, but most will have multiple levels and the search can be restricted with this option. The last parameter (without an option) is a filter. It further qualifies the entries the search returns. In this case, you’re requesting all the entries. Figure 3 shows the response and indicates the database is empty. This would be normal since you haven’t put anything into the database.

6 Pages