Symas OpenLDAP Knowledge Base

Using ldapcompare

ldapcompare

ldapcompare Man Page LDAP Result Codes RFC

Syntax: ldapcompare <opts> DN <attribute>:<value>

  • The ldapcompare command is used for testing the value of an attribute without using a search operation. You provide the DN of the entry to test, the attribute name and the expected value. If the given value matches, the command returns TRUE (6), if the value does not match, the command returns FALSE (5)

  • Testing values with spaces requires the attribute and value to be encapsulated in quotes

ldapcompare Examples

# Compare matches true:
ldapcompare -Qv "cn=Pas Panger,ou=Payroll,dc=example,dc=com" "sn:Panger"
TRUE

# Then check the result code:
echo $?
6

# Compare matches true, using verbose output:
ldapcompare -Qv "cn=Pas Panger,ou=Payroll,dc=example,dc=com" "sn:Panger"
ldap_initialize( <DEFAULT> )
DN:cn=Pas Panger,ou=Payroll,dc=example,dc=com, attr:sn, value:Panger
Compare Result: Compare True (6)
TRUE

# Compare matches true, using verbose output:
ldapcompare -Qv "cn=Pas Panger,ou=Payroll,dc=example,dc=com" "sn:Danger"
FALSE

# Then check the result code:
echo $?
5