.SH SYNOPSIS
ldapexop
[\c
-.BI \-d \ level\fR]
+.BR \-V [ V ]]
[\c
-.BI \-D \ binddn\fR]
+.BI \-d \ debuglevel\fR]
[\c
-.BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]]
+.BR \-n ]
+[\c
+.BR \-v ]
[\c
.BI \-f \ file\fR]
[\c
-.BI \-h \ host\fR]
+.BR \-x ]
[\c
-.BI \-H \ URI\fR]
+.BI \-D \ binddn\fR]
[\c
-.BR \-I ]
+.BR \-W ]
[\c
-.BR \-n ]
+.BI \-w \ passwd\fR]
[\c
-.BR \-N ]
+.BI \-y \ passwdfile\fR]
[\c
-.BI \-O \ security-properties\fR]
+.BI \-H \ URI\fR]
[\c
-.BI \-o \ opt\fR[\fP = optparam\fR]]
+.BI \-h \ ldaphost\fR]
[\c
-.BI \-p \ port\fR]
+.BI \-p \ ldapport\fR]
[\c
-.BR \-Q ]
+.BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]]
[\c
-.BI \-R \ realm\fR]
+.BI \-o \ opt \fR[= optparam \fR]]
[\c
-.BI \-U \ authcid\fR]
+.BI \-O \ security-properties\fR]
[\c
-.BR \-v ]
+.BR \-I ]
[\c
-.BR \-V ]
+.BR \-Q ]
[\c
-.BI \-w \ passwd\fR]
+.BR \-N ]
[\c
-.BR \-W ]
+.BI \-U \ authcid\fR]
[\c
-.BR \-x ]
+.BI \-R \ realm\fR]
[\c
.BI \-X \ authzid\fR]
[\c
-.BI \-y \ file\fR]
-[\c
.BI \-Y \ mech\fR]
[\c
.BR \-Z [ Z ]]
.SH OPTIONS
.TP
-.BI \-d \ level
-Set the LDAP debugging level to \fIlevel\fP.
+.BI \-V [ V ]
+Print version info.
+If\fB\-VV\fP is given, only the version information is printed.
+.TP
+.BI \-d \ debuglevel
+Set the LDAP debugging level to \fIdebuglevel\fP.
+.TP
+.BI \-n
+Show what would be done but don't actually do it.
+Useful for debugging in conjunction with \fB\-v\fP.
+.TP
+.BI \-v
+Run in verbose mode, with many diagnostics written to standard output.
+.TP
+.BI \-f \ file
+Read operations from \fIfile\fP.
+.TP
+.BI \-x
+Use simple authentication instead of SASL.
.TP
.BI \-D \ binddn
Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory.
.TP
+.BI \-W
+Prompt for simple authentication.
+This is used instead of specifying the password on the command line.
+.TP
+.BI \-w \ passwd
+Use \fIpasswd\fP as the password for simple authentication.
+.TP
+.BI \-y \ passwdfile
+Use complete contents of \fIpasswdfile\fP as the password for
+simple authentication.
+.TP
+.BI \-H \ URI
+Specify URI(s) referring to the ldap server(s); only the protocol/host/port
+fields are allowed; a list of URI, separated by whitespace or commas
+is expected.
+.TP
+.BI \-h \ ldaphost
+Specify the host on which the ldap server is running.
+Deprecated in favor of \fB\-H\fP.
+.TP
+.BI \-p \ ldapport
+Specify the TCP port where the ldap server is listening.
+Deprecated in favor of \fB\-H\fP.
+.TP
.BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]
Specify general extensions. \'!\' indicates criticality.
.nf
not really controls)
.fi
.TP
-.BI \-f \ file
-Read operations from \fIfile\fP.
-.TP
-.BI \-h \ host
-Specify the host on which the ldap server is running.
-Deprecated in favor of \fB\-H\fP.
+.BI \-o \ opt \fR[= optparam \fR]
+
+Specify general options.
+
+General options:
+.nf
+ nettimeout=<timeout> (in seconds, or "none" or "max")
+ ldif-wrap=<width> (in columns, or "no" for no wrapping)
+.fi
.TP
-.BI \-H \ URI
-Specify URI(s) referring to the ldap server(s); only the protocol/host/port
-fields are allowed; a list of URI, separated by whitespace or commas
-is expected.
+.BI \-O \ security-properties
+Specify SASL security properties.
.TP
.BI \-I
Enable SASL Interactive mode. Always prompt. Default is to prompt
only as needed.
.TP
-.BI \-n
-Show what would be done but don't actually do it.
-Useful for debugging in conjunction with \fB\-v\fP.
-.TP
-.BI \-N
-Do not use reverse DNS to canonicalize SASL host name.
-.TP
-.BI \-O \ security-properties
-Specify SASL security properties.
-.TP
-.BI \-o \ opt\fR[\fP = optparam\fR]
-Specify general options:
-.nf
- nettimeout=<timeout> (in seconds, or "none" or "max")
-.fi
-.TP
-.BI \-p \ port
-Specify the TCP port where the ldap server is listening.
-Deprecated in favor of \fB\-H\fP.
-.TP
.BI \-Q
Enable SASL Quiet mode. Never prompt.
.TP
-.BI \-R \ realm
-Specify the realm of authentication ID for SASL bind. The form of the realm
-depends on the actual SASL mechanism used.
+.B \-N
+Do not use reverse DNS to canonicalize SASL host name.
.TP
.BI \-U \ authcid
Specify the authentication ID for SASL bind. The form of the ID
depends on the actual SASL mechanism used.
.TP
-.BI \-v
-Run in verbose mode, with many diagnostics written to standard output.
-.TP
-.BI \-V
-Print version info and usage message.
-If\fB\-VV\fP is given, only the version information is printed.
-.TP
-.BI \-w \ passwd
-Use \fIpasswd\fP as the password for simple authentication.
-.TP
-.BI \-W
-Prompt for simple authentication.
-This is used instead of specifying the password on the command line.
-.TP
-.BI \-x
-Use simple authentication instead of SASL.
+.BI \-R \ realm
+Specify the realm of authentication ID for SASL bind. The form of the realm
+depends on the actual SASL mechanism used.
.TP
.BI \-X \ authzid
Specify the requested authorization ID for SASL bind.
or
.BI u: <username>
.TP
-.BI \-y \ file
-Use complete contents of \fIfile\fP as the password for
-simple authentication.
-.TP
.BI \-Y \ mech
Specify the SASL mechanism to be used for authentication.
Without this option, the program will choose the best mechanism the server knows.