Enabling Tombstone by command line

Use this information to configure tombstone by command line.

To enable the tombstone feature, issue the following command:

ldapmodify -D <bindDN> -w <password> -f <file>

Where <file> contains:

dn:cn=Directory, cn=RDBM Backends, cn=IBM Directory, cn=Schemas, cn=Configuration

changetype: modify

replace: ibm-slapdTombstoneEnabled

ibm-slapdTombstoneEnabled: true

To reread the configuration file, issue the following command:

ldapexop
-D <bindDN> -w <password> -op readconfig -scope
entire

To set the tombstone lifetime value, issue the following command:

ldapmodify -D <bindDN> -w <password>

dn: cn=Directory, cn=RDBM Backends, cn=IBM Directory, cn=Schemas,cn=Configuration

changetype: modify

replace: ibm-slapdTombstoneLifeTime

ibm-slapdTombstoneLifeTime: <value to be set in hours>

To reread the configuration file, issue the following command:

ldapexop
-D <bindDN> -w <password> -op readconfig -scope
entire

You can use the -L parameter of the ldapdelete utility to delete entries under cn=Deleted Objects. To do this, you first display all tombstones under cn=Deleted Objects by issuing the following command:

ldapsearch -b "cn=Deleted Objects"  -r -D <bindDN> -w <password> objectclass=*
dn

Next, you save the output in an ldif file and then use the ldif file as input to the ldapdelete command by issuing the following command:

ldapdelete -c -L -f <file> -D <bindDN> -w <password>