by Greg Breheny

-This tool was sent in by Peter Norris.

LDAPDO, is a very flexible tool written in perl, we use at the University to update our eDirectories. We found it was easier to work with than pure ldif files.

It has some great functions. For example it is very easy to list users into a file, modify the file and re-import the file back into eDirectory. You can have multiple .conf files pointing to different Directories. Such as your Identity Vault and Authentication Tree..

ldapdo -fConfile2.txt

The tool was written by one of the guys here. It took me ages for him to agree to publish it up here, so I hope you find it useful.

There are some good examples in both the ldapdo perl file and the readme.

Ldapdo relies on some modules from perl that are NOT installed by default. Here is a basic install instructions.. (It can take quite a while to install these, and I always get errors… however I find doing the second part twice seems to do the trick)

  • first install cpan (the perl package installation tool)
  • perl -MCPAN -e shell

    (type ‘no’ at first prompt to exit with the defaults)

  • install ldapdo dependencies
  • perl -MCPAN -e "install Net::LDAP"
  • you will be prompted for several missing modules
    you only need to enter ‘y’ to install these


This will come up with Some Errors. However it does not seem to stop LDAPDO from working..

You must change some defaults in the .conf file to connect to your LDAP environment.

We use a dedicated LDAP account and have removed the accounts rights to delete objects. I would strongly recommend backing up your eDirectory regularly when using this tool (not that we have ever had an issue).

We use the LDAPDO tool on both eDirectory and AD without any problems..

I suggest reading the Readme as it has some good examples in it.

However a quick gotcha, if you want to list all attributes from the CONF file use -v3 (although this can be changed via the conf file….)

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.
Tags: ,
Categories: Cool Tools, eDirectory

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: coolguys
Oct 10, 2007
1:32 am
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow