ldapcompare - phpMan

Command: man perldoc info search(apropos)  

LDAPCOMPARE(1)                                                  LDAPCOMPARE(1)



NAME
       ldapcompare - LDAP compare tool

SYNOPSIS
       ldapcompare  [-n]  [-v]  [-z]  [-k]  [-K]  [-M[M]] [-d debuglevel] [-D binddn] [-W]
       [-w passwd]  [-y passwdfile]  [-H ldapuri]  [-h ldaphost]  [-p ldapport]   [-P 2|3]
       [-O security-properties]   [-I]  [-Q]  [-U authcid]  [-R realm]  [-x]  [-X authzid]
       [-Y mech] [-Z[Z]] DN < attr:value | attr::b64value >

DESCRIPTION
       ldapcompare is a shell-accessible interface to the ldap_compare(3) library call.

       ldapcompare opens a connection to an LDAP server, binds,  and  performs  a  compare
       using  specified  parameters.   The DN should be a distinguished name in the direc-
       tory.  Attr should be a known attribute.  If followed by one colon,  the  assertion
       value should be provided as a string.  If followed by two colons, the base64 encod-
       ing of the value is provided.  The result code of the compare is  provided  as  the
       exit  code and, unless ran with -z, the program prints TRUE, FALSE, or UNDEFINED on
       standard output.


OPTIONS
       -n     Show what would be done, but don’t actually perform the compare.  Useful for
              debugging in conjunction with -v.

       -v     Run in verbose mode, with many diagnostics written to standard output.

       -z     Run  in quiet mode, no output is written.  You must check the return status.
              Useful in shell scripts.

       -k     Use Kerberos IV authentication instead  of  simple  authentication.   It  is
              assumed  that  you already have a valid ticket granting ticket.  ldapcompare
              must be compiled with Kerberos support for this option to have any effect.

       -K     Same as -k, but only does step 1 of the Kerberos IV bind.   This  is  useful
              when connecting to a slapd and there is no x500dsa.hostname principal regis-
              tered with your Kerberos Domain Controller(s).

       -M[M]  Enable manage DSA IT control.  -MM makes control critical.

       -d debuglevel
              Set the LDAP debugging level to debuglevel.  ldapcompare  must  be  compiled
              with LDAP_DEBUG defined for this option to have any effect.

       -x     Use simple authentication instead of SASL.

       -D binddn
              Use the Distinguished Name binddn to bind to the LDAP directory.

       -W     Prompt  for  simple  authentication.  This is used instead of specifying the
              password on the command line.

       -w passwd
              Use passwd as the password for simple authentication.

       -y passwdfile
              Use complete contents of passwdfile as the password for  simple  authentica-
              tion.

       -H ldapuri
              Specify URI(s) referring to the ldap server(s).

       -h ldaphost
              Specify  an  alternate host on which the ldap server is running.  Deprecated
              in favor of -H.

       -p ldapport
              Specify an alternate TCP port where the ldap server  is  listening.   Depre-
              cated in favor of -H.

       -P 2|3 Specify the LDAP protocol version to use.

       -O security-properties
              Specify SASL security properties.

       -I     Enable  SASL Interactive mode.  Always prompt.  Default is to prompt only as
              needed.

       -Q     Enable SASL Quiet mode.  Never prompt.

       -U authcid
              Specify the authentication ID for SASL bind. The form of the ID  depends  on
              the actual SASL mechanism used.

       -R realm
              Specify  the realm of authentication ID for SASL bind. The form of the realm
              depends on the actual SASL mechanism used.

       -X authzid
              Specify the requested authorization ID for SASL bind.  authzid must  be  one
              of the following formats: dn:<distinguished name> or u:<username>

       -Y mech
              Specify the SASL mechanism to be used for authentication. If it’s not speci-
              fied, the program will choose the best mechanism the server knows.

       -Z[Z]  Issue StartTLS (Transport Layer Security) extended  operation.  If  you  use
              -ZZ, the command will require the operation to be successful.

EXAMPLES
           ldapcompare "uid=babs,dc=example,dc=com"  sn:Jensen
           ldapcompare "uid=babs,dc=example,dc=com"  sn::SmVuc2Vu
       are all equivalent.

LIMITATIONS
       Requiring  the  value be passed on the command line is limiting and introduces some
       security concerns.  The command should support a mechanism to specify the  location
       (file name or URL) to read the value from.

SEE ALSO
       ldap.conf(5), ldif(5), ldap(3), ldap_compare(3)

AUTHOR
       The OpenLDAP Project <http://www.openldap.org/>

ACKNOWLEDGEMENTS
       OpenLDAP  is  developed  and  maintained by The OpenLDAP Project (http://www.openl-
       dap.org/).  OpenLDAP is derived from University of Michigan LDAP 3.3 Release.



OpenLDAP 2.2.29                   2005/10/04                    LDAPCOMPARE(1)

Generated by $Id: phpMan.php,v 4.55 2007/09/05 04:42:51 chedong Exp $ Author: Che Dong
On Apache/1.3.41 (Unix) PHP/5.2.5 mod_perl/1.30 mod_gzip/1.3.26.1a
Under GNU General Public License
2009-01-09 06:14 @38.103.63.58 CrawledBy CCBot/1.0 (+http://www.commoncrawl.org/bot.html)
Valid XHTML 1.0!Valid CSS!