A part of our DIT is imported from an external source, and that part needs to be refreshed. Those are several thousand entries.

So I would like to delete all of the subtree’s children, but not the base node (for some puristic motivation), and then I would import the new children (using a different naming schema possibly).

As I understand it, there is no standard tool to do that (I could pipe the output of an ldapsearch into ldapdelete, maybe with some filtering between).

 

As ldapdelete has no scope option (-s), I wonder whether it wouldn’t be a nice addition, like this:

-s base: deletes the entry if it has no children only (this is the default as I understand it)

- s one: deletes all children of the entry that don’t have children themselves

- s sub: delete the entry and all it’s children recursively (this is what “-r” enables as I understand it)

 

What do you think? IMHO the logic needed is probably present in the code already, so it shouldn’t be difficult to implement.

 

Kind regards,

Ulrich Windl