From: Kurt Zeilenga Date: Mon, 12 Aug 2002 17:28:38 +0000 (+0000) Subject: RELEASEDATE X-Git-Tag: OPENLDAP_REL_ENG_2_1_4~35 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=12fdb9d9ee795f7a94b076d5c4923a64dfffba3b;p=openldap RELEASEDATE --- diff --git a/doc/man/man1/ldapcompare.1 b/doc/man/man1/ldapcompare.1 new file mode 100644 index 0000000000..b1fffcd59c --- /dev/null +++ b/doc/man/man1/ldapcompare.1 @@ -0,0 +1,191 @@ +.TH LDAPCOMPARE 1 "RELEASEDATE" "OpenLDAP LDVERSION" +.\" $OpenLDAP$ +.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved. +.\" Copying restrictions apply. See COPYRIGHT/LICENSE. +.SH NAME +ldapcompare \- LDAP compare tool +.SH SYNOPSIS +.B ldapcompare +[\c +.BR \-n ] +[\c +.BR \-v ] +[\c +.BR \-z ] +[\c +.BR \-k ] +[\c +.BR \-K ] +[\c +.BR \-M[M] ] +[\c +.BI \-d \ debuglevel\fR] +[\c +.BI \-D \ binddn\fR] +[\c +.BR \-W ] +[\c +.BI \-w \ bindpasswd\fR] +[\c +.BI \-H \ ldapuri\fR] +[\c +.BI \-h \ ldaphost\fR] +[\c +.BI \-p \ ldapport\fR] +[\c +.BI \-P \ 2\fR\||\|\fI3\fR] +[\c +.BR \-O \ security-properties ] +[\c +.BR \-I ] +[\c +.BR \-Q ] +[\c +.BI \-U \ authcid\fR] +[\c +.BR \-x ] +[\c +.BI \-X \ authzid\fR] +[\c +.BI \-Y \ mech\fR] +[\c +.BR \-Z[Z] ] +.IR DN \ < +.BR attr:value \ | +.BR attr::b64value \ > +.SH DESCRIPTION +.I ldapcompare +is a shell-accessible interface to the +.BR ldap_compare (3) +library call. +.LP +.B ldapcompare +opens a connection to an LDAP server, binds, and performs a compare +using specified parameters. The \fIDN\fP should be a distinguished +name in the directory. \fIAttr\fP should be a known attribute. If +followed by one colon, the assertion \fIvalue\fP should be provided +as a string. If followed by two colons, the base64 encoding of the +value is provided. +.LP +.SH OPTIONS +.TP +.B \-n +Show what would be done, but don't actually perform the compare. Useful for +debugging in conjunction with -v. +.TP +.B \-v +Run in verbose mode, with many diagnostics written to standard output. +.TP +.B \-z +Run in quiet mode, no output is written. You must check the return +status. Useful in shell scripts. +.TP +.B \-k +Use Kerberos IV authentication instead of simple authentication. It is +assumed that you already have a valid ticket granting ticket. +.B ldapcompare +must be compiled with Kerberos support for this option to have any effect. +.TP +.B \-K +Same as \-k, but only does step 1 of the Kerberos IV bind. This is useful +when connecting to a slapd and there is no x500dsa.hostname principal +registered with your Kerberos Domain Controller(s). +.TP +.B \-M[M] +Enable manage DSA IT control. +.B \-MM +makes control critical. +.TP +.BI \-d \ debuglevel +Set the LDAP debugging level to \fIdebuglevel\fP. +.B ldapcompare +must be compiled with LDAP_DEBUG defined for this option to have any effect. +.TP +.B \-x +Use simple authentication instead of SASL. +.TP +.BI \-D \ binddn +Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory. +.TP +.B \-W +Prompt for simple authentication. +This is used instead of specifying the password on the command line. +.TP +.BI \-w \ bindpasswd +Use \fIbindpasswd\fP as the password for simple authentication. +.TP +.BI \-H \ ldapuri +Specify URI(s) referring to the ldap server(s). +.TP +.BI \-h \ ldaphost +Specify an alternate host on which the ldap server is running. +Deprecated in favor of -H. +.TP +.BI \-p \ ldapport +Specify an alternate TCP port where the ldap server is listening. +Deprecated in favor of -H. +.TP +.BI \-P \ 2\fR\||\|\fI3 +Specify the LDAP protocol version to use. +.TP +.BI \-O \ security-properties +Specify SASL security properties. +.TP +.B \-I +Enable SASL Interactive mode. Always prompt. Default is to prompt +only as needed. +.TP +.B \-Q +Enable SASL Quiet mode. Never prompt. +.TP +.BI \-U \ authcid +Specify the authentication ID for SASL bind. The form of the ID +depends on the actual SASL mechanism used. +.TP +.BI \-X \ authzid +Specify the requested authorization ID for SASL bind. +.I authzid +must be one of the following formats: +.B dn:\c +.I +or +.B u:\c +.I +.TP +.BI \-Y \ mech +Specify the SASL mechanism to be used for authentication. If it's not +specified, the program will choose the best mechanism the server knows. +.TP +.B \-Z[Z] +Issue StartTLS (Transport Layer Security) extended operation. If you use +.B \-ZZ\c +, the command will require the operation to be successful. +.SH EXAMPLE +.nf + ldapcompare "uid=babs,dc=example,dc=com" sn Jensen + ldapcompare "uid=babs,dc=example,dc=com" sn:Jensen + ldapcompare "uid=babs,dc=example,dc=com" sn::SmVuc2Vu +.fi +are all equivalent. +.SH DIAGNOSTICS +When -z is used, exit status is either 5 if the compare is false, or 6 +when the compare is true. Errors result in other non-zero values. +.br +When -z is not used, exit status is zero if no errors occur. +Errors result in a non-zero exit status and +a diagnostic message being written to standard error. +.SH BUGS +Should have a way to specify a url for options or for large binary +file compares. +.SH "SEE ALSO" +.BR ldap.conf (5), +.BR ldif (5), +.BR ldap (3), +.BR ldap_compare (3) +.SH AUTHOR +The OpenLDAP Project +.SH ACKNOWLEDGEMENTS +.B OpenLDAP +is developed and maintained by The OpenLDAP Project (http://www.openldap.org/). +.B OpenLDAP +is derived from University of Michigan LDAP 3.3 Release.