The Directory Server provides support for attributes using binary subtypes, which are typically used for certificates or JPEG images that you can store in an entry. The operation must specifically match the subtype for successful operation. You must use the version directive with a value of "1" for binary subtypes. Typical binary attribute types are userCertificate and jpegPhoto.

  1. To add an attribute with a binary subtype, run the ldapmodify tool from the command line interface.
  2. Specify the modification using changetype:modify.
  3. Specify which attributes to add using the add option.

    The attribute in this example points to the filepath of the certificate.

    $ bin/ldapmodify -h server.example.com -p 389 -D "cn=admin,dc=example,dc=com" \
      -w password 
    version: 1 
    dn: uid=user.2004,ou=People,dc=example,dc=com
    changetype: modify 
    add: userCertificate;binary 
    userCertificate;binary:<file:///path/to/cert