Adding records – RSA Security 6.1 User Manual
Page 105
RSA RADIUS Server 6.1 Administrator’s Guide
Using the LDAP Configuration Interface
93
The following syntax is valid if the same keyword applies throughout the
transaction:
dn: distinguished-name-of-entry
changetype: keyword
subkeyword: attribute
attribute: value
subkeyword: attribute
attribute: value
subkeyword: attribute
attribute: value
.
.
.
subkeyword: attribute
entries are optional and indicate that you want to
apply the change to a specific attribute within the entry. If there are no
subkeyword: attribute
entries in the transaction, the change applies to the
entire entry. For example, it is faster to delete an entire entry:
dn: radiusname=TINYCO.COM,radiusclass=client,o=radius
changetype: delete
but if you want to delete only a few attributes from the entry, you may do so:
dn: radiusname=TINYCO.COM,radiusclass=client,o=radius
changetype: delete
delete: acct-shared-secret
If the
subkeyword
is
add
or
replace
, an
attribute: value
entry must
appear immediately following the
subkeyword: attribute
entry. If the
subkeyword is
delete
, the
attribute: value
entry does not apply and
should be omitted.
Adding Records
You can populate an LDAP database by creating an LDIF file that imports entries
from one LDAP database into another. You can search the first database for the
entries you want, then add them to the second database. You can even use the
search operation to filter out attributes from the first database that you do not
want in the second database. You can search the first database using
ldapsearch
. This creates an LDIF file which you can then input to
ldapmodify
.
To import entries from one LDAP database into another, run the
ldapsearch
command on the first database. Request only the attributes you want for the new
database. When
ldapsearch
completes processing, edit the output LDIF file.
After each line that begins with
dn:
, add a single line containing the text