RFC 2849 LDIF input

A standard LDIF style defined by RFC 2849: The LDAP Data Interchange Format (LDIF) is recommended. A LDIF file can start with optional version and charset directives: version: 1 and charset: ISO-8859-1.

The charset directive is useful when using file systems on other platforms that do not support tagging a file with a CCSID. On i5/OS, the standard behavior is to open LDIF files in UTF-8 (CCSID 1208) and allow the file system to convert data from the CCSID of the file to UTF-8 and the charset directive is usually not needed.

Following the optional version and charset lines is a series of change records as described below.

When using RFC 2849 LDIF input, attribute types and values are delimited by a single colon (:) or a double colon (::). Furthermore, individual changes to attribute values are delimited with a changetype: input line. The general form of input lines for RFC 2849 LDIF is: 

change_record 
<blank line> 
change_record 
<blank line>
.
.
.

An input file in RFC 2849 LDIF style consists of one or more change_record sets of lines that are separated by a single blank line. Each change_record has the following form: 

dn: <distinguished name> 
[changetype: {modify|add|modrdn|moddn|delete}] 
change_clause 
change_clause 
. 
. 
.

Thus, a change_record consists of a line indicating the distinguished name of the directory entry to be modified, an optional line indicating the type of modification to be performed against the directory entry, and one or more change_clause sets of lines. If the changetype: line is omitted, the change type is assumed to be modify unless the command invocation was ldapmodify -a or ldapadd, in which case the changetype is assumed to be add.

When the change type is modify, each change_clause is defined as a set of lines of the form: 

add: {attrtype} 
{attrtype}{sep}{value} 
. 
. 
. 
-

or

replace: {attrtype} 
{attrtype}{sep}{value} 
. 
. 
. 
-

or

delete: {attrtype} 
[{attrtype}{sep}{value}] 
. 
. 
. 
-

or

{attrtype}{sep}{value} 
. 
. 
.

Specifying replace replaces all existing values for the attribute with the specified set of attribute. Specifying add adds to the existing set of attribute values. Specifying delete without any attribute-value pair records removes all the values for the specified attribute. Specifying delete followed by one or more attribute-value pair records removes only those values specified in the attribute-value pair records.

If any of the add: attrtype, replace: attrtype, or delete: attrtype lines (change indicator) is specified, a line containing a hyphen (-) is expected as a closing delimiter for the changes for that attrtype. Attribute-value pairs are expected on the input lines that are found between the change indicator and hyphen line. If the changetype line is omitted, the changetype is assumed to be add for ldapadd and replace for ldapmodify.

The attribute value can be specified as a text string, a base-64 encoded value, or a file URL according to the separator, sep, used.
attrtype: value
a single colon (:) specifies that the value is the string value.
attrtype:: base64string
a double colon (: :) specifies that base64string is the base 64 encoded string representation of a binary value or a UTF-8 string that contains multi-byte characters.
attrtype:< fileURL
a colon and left angle bracket (:<) specifies that the value is to be read from the file identified by fileURL. An example of a file URL line specifying that the value for jpegPhoto attribute is in the file /tmp/photo.jpg is

jpegphoto:< file:///tmp/photo.jpg

Any whitespace characters between the separator and the attribute value are ignored. Attribute values can be continued across multiple lines by using a single space character as the first character of the next line of input. If a double colon is used as the separator, the input is expected to be in base64 format. This format is an encoding that represents every three binary bytes with four text characters.

Multiple attribute values are specified using multiple (attrtype}{sep}{value} specifications.

When the change type is add, each change_clause is defined as a set of lines of the form: 

{attrtype}{sep}{value}

As with change type of modify, the separator, sep, and value can be either a single colon (:), a double colon (: :), or colon and left angle bracket (:<). Any whitespace characters between the separator and the attribute value are ignored. Attribute values can be continued across multiple lines by using a single space character as the first character of the next line of input. If a double colon is used as the separator, the input is expected to be in base64 format.

When the change type is modrdn or moddn, each change_clause is defined as a set of lines of the form: 

newrdn: value 
deleteoldrdn:{0|1} 
[newsuperior: newSuperiorDn]

These are the parameters you can specify on a modify RDN (rename) or modifyDN (move) LDAP operation. The value for the newrdn setting is the new RDN to be used when performing the modify RDN operation. Specify 0 for the value of the deleteoldrdn setting in order to save the attribute in the old RDN and specify 1 to remove the attribute values in the old RDN. The value for the newsuperior setting is the DN of the new superior (parent) when moving an entry.

When the change type is delete, no change_clause is specified.