xref: /netbsd-src/external/bsd/openldap/dist/doc/man/man1/ldapwhoami.1 (revision 466a16a118933bd295a8a104f095714fadf9cf68) 
 LDAPWHOAMI 1 "RELEASEDATE" "OpenLDAP LDVERSION"
 $OpenLDAP: pkg/ldap/doc/man/man1/ldapwhoami.1,v 1.10.2.4 2008/02/11 23:26:39 kurt Exp $
 Copyright 1998-2008 The OpenLDAP Foundation All Rights Reserved.
 Copying restrictions apply. See COPYRIGHT/LICENSE.
 NAME
ldapwhoami - LDAP who am i? tool

 SYNOPSIS
 ldapwhoami [\c
 -n ] [\c
 -v ] [\c
 -z ] [\c
 -d  debuglevel] [\c
 -D  binddn] [\c
 -W ] [\c
 -w  passwd] [\c
 -y  passwdfile] [\c
 -H  ldapuri] [\c
 -h  ldaphost] [\c
 -p  ldapport] [\c
 -O  security-properties] [\c
 -I ] [\c
 -Q ] [\c
 -U  authcid] [\c
 -R  realm] [\c
 -x ] [\c
 -X  authzid] [\c
 -Y  mech] [\c
 -Z[Z] ] 
 DESCRIPTION
 ldapwhoami implements the LDAP "Who Am I?" extended operation.


 ldapwhoami opens a connection to an LDAP server, binds, and performs a whoami
operation. 

 OPTIONS

 -n Show what would be done, but don't actually perform the whoami operation.
Useful for
debugging in conjunction with -v.


 -v Run in verbose mode, with many diagnostics written to standard output.


 -d  debuglevel Set the LDAP debugging level to debuglevel.
 ldapwhoami must be compiled with LDAP_DEBUG defined for this option to have any effect.


 -x  Use simple authentication instead of SASL.


 -D  binddn Use the Distinguished Name binddn to bind to the LDAP directory.


 -W Prompt for simple authentication.
This is used instead of specifying the password on the command line.


 -w  passwd Use passwd as the password for simple authentication.


 -y  passwdfile Use complete contents of passwdfile as the password for
simple authentication.


 -H  ldapuri Specify URI(s) referring to the ldap server(s); only the protocol/host/port
fields are allowed; a list of URI, separated by whitespace or commas
is expected.


 -h  ldaphost Specify an alternate host on which the ldap server is running.
Deprecated in favor of -H.


 -p  ldapport Specify an alternate TCP port where the ldap server is listening.
Deprecated in favor of -H.


 -P  2\||\|3 Specify the LDAP protocol version to use.


 -O  security-properties Specify SASL security properties.


 -I Enable SASL Interactive mode. Always prompt. Default is to prompt
only as needed.


 -Q Enable SASL Quiet mode. Never prompt.


 -U  authcid Specify the authentication ID for SASL bind. The form of the ID
depends on the actual SASL mechanism used.


 -R  realm Specify the realm of authentication ID for SASL bind. The form of the realm
depends on the actual SASL mechanism used.


 -X  authzid Specify the requested authorization ID for SASL bind.
 authzid must be one of the following formats:
 dn:\c  <distinguished name> or
 u:\c  <username> 

 -Y  mech Specify the SASL mechanism to be used for authentication. If it's not
specified, the program will choose the best mechanism the server knows.


 -Z[Z] Issue StartTLS (Transport Layer Security) extended operation. If you use
 -ZZ\c , the command will require the operation to be successful.

 EXAMPLE
 ldapwhoami -x -D "cn=Manager,dc=example,dc=com" -W



 "SEE ALSO"
 ldap.conf (5),  ldap (3),  ldap_extended_operation (3) 
 AUTHOR
The OpenLDAP Project <http://www.openldap.org/>

 ACKNOWLEDGEMENTS
.so  ../Project