sourCEntral - mobile manpages




adtool - Active Directory administration tool


adtool [−h] [−v] [−H uri] [−D binddn] [−w bindpasswd] [−b searchbase] operation [arguments...]


adtool is a unix command line utility for Active Directory administration. Features include user and group creation, deletion, modification, password setting and directory query and search capabilities.



Output usage information.


Output version information.

−H uri

The uri of the Active Directory server to connect to, eg. ldap://

−D binddn

The distinguished name of the user to bind to the server as, eg. cn=admin,ou=usrs,dc=example,dc=com.

−w password

The password to authenticate with.

−b searchbase

The distinguished name of the base for any operations that involve searching the directory, eg. ou=users,dc=example,dc=com.


usercreate <username> <container>

create a new user

userdelete <username>

delete a user

userlock <username>

disable a user account

userunlock <username>

enable a user account

setpass <user> [password]

set user’s password. The password can be entered either as an argument or interactively, in which case it is not echoed back to the screen.

usermove <user> <new container>

move user to another container

userrename <old username> <new username>

rename user

computercreate <name> <container>

create a new computer account

groupcreate <group name> <container>

create a new group

groupdelete <group name>

delete a group

groupadduser <group> <user>

add a user to a group

groupremoveuser <group> <user>

remove a user from a group

groupsubtreeremove <container> <user>

remove a user from all groups below a given ou

oucreate <organizational unit name> <container>

create a new organizational unit

oudelete <organizational unit name>

delete an organizational unit

attributeget <object> <attribute>

display attribute values

attributeadd <object> <attribute> <value>

add an attribute

attributeaddbinary <object> <attribute> <filename>

add an attribute from a file

attributereplace <object> <attribute> <value>

replace an attribute

attributedelete <object> <attribute> [value]

delete an attribute or attribute instance

list <container>

list the entries directly beneath the given container

search <attribute> <value>

simple ldap search


The command line options can instead be specified in a configuration file. An example is installed to (install prefix)/etc/adtool.cfg.dist. Rename this to adtool.cfg and edit as appropriate.


server to connect to


distinguished name of the user to bind to the server as.


password to bind to the server with.


base for search operations.


Mike Dawson <mjd AT dexy DOT mine DOT nu>