The ldapply package

[ Tags: mit, network, program, text ] [ Propose Tags ]

[Skip to Readme]


Versions 0.1.0, 0.2.0
Change log
Dependencies base (>=4.8 && <50), bytestring, docopt, interpolatedstring-perl6, LDAP (>0.6.10), ldif, unordered-containers [details]
License MIT
Copyright 2017, Zalora South East Asia Pte. Ltd
Author Igor Pashev <>
Maintainer Igor Pashev <>
Category Network, Text
Source repository head: git clone
Uploaded Thu Jan 12 16:08:18 UTC 2017 by ip1981
Distributions NixOS:0.2.0
Executables ldapply
Downloads 122 total (6 in the last 30 days)
Rating 0.0 (0 ratings) [clear rating]
  • λ
  • λ
  • λ
Status Docs not available [build log]
All reported builds failed as of 2017-01-12 [all 3 reports]
Hackage Matrix CI


Maintainer's Corner

For package maintainers and hackage trustees

Readme for ldapply-0.2.0

[back to package description]


LDIF idempotent apply tool. This tool is similar to ldapmodify with one exception: it's idempotent. It was written to help declarative deployments with NixOS.

How it works

  1. If change type is not specified, it adds or replaces an entry.
  2. If change type is specified, it acts like normal ldapmodify.


ldapply is written in Haskell with GHC. All required Haskell libraries are listed in ldapply.cabal. Use cabal-install to fetch and build all pre-requisites automatically.


Type ldapply --help to see usage summary:

  ldapply [options] LDIF...

  -H <ldapuri>       LDAP URL to connect to [default: ldapi:///]

  -x                 Use simple bind instead of default SASL External
  -D <binddn>        Use <binddn> for the distinguished name or authorization identity
  -w <passwd>        Use <passwd> as the password for simple bind
  -y <passwdfile>    Read password from <passwdfile>, only the first line is read

  -h, --help         Show this message

If option -w is given, -y is ignored.

LDIF example

dn: dc=nodomain
objectClass: top
objectClass: dcObject
objectClass: organization
dc: nodomain
o: Example, Inc.

dn: cn=reader,dc=nodomain
objectclass: top
objectclass: organizationalRole
objectclass: simpleSecurityObject
cn: reader
description: Initial description
userPassword: qwerty123lol

# description will be removed, userPassword changed:
dn: cn=reader,dc=nodomain
objectclass: top
objectclass: simpleSecurityObject
objectclass: organizationalRole
cn: reader
userPassword: foobar12345

# userPassword will be changed:
dn: cn=reader,dc=nodomain
changetype: modify
replace: userPassword
userPassword: anothersecretstuff

dn: cn=reader,dc=nodomain
changetype: modify
replace: description
description: foo

# This will be deleted if exists:
dn: cn=reader,dc=nodomain
changetype: delete