From 0d745b2665f7ff04f5a75bf8435cb6098276984c Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Sat, 7 Mar 2009 15:44:30 +0000 Subject: [PATCH] import ldapexop (provided by Peter Marschall, ITS#5982, with minor cleanup) --- doc/man/man1/ldapexop.1 | 252 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 252 insertions(+) create mode 100644 doc/man/man1/ldapexop.1 diff --git a/doc/man/man1/ldapexop.1 b/doc/man/man1/ldapexop.1 new file mode 100644 index 0000000000..1cbb5170d6 --- /dev/null +++ b/doc/man/man1/ldapexop.1 @@ -0,0 +1,252 @@ +.\" $OpenLDAP$ +.\" This contribution is derived from OpenLDAP Software. +.\" All of the modifications to OpenLDAP Software represented in this +.\" contribution were developed by Peter Marschall . +.\" I have not assigned rights and/or interest in this work to any party. +.\" +.\" Copyright 2009 Peter Marschall +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted only as authorized by the OpenLDAP Public License. +.\" +.\" A copy of this license is available in file LICENSE in the +.\" top-level directory of the distribution or, alternatively, at +.\" http://www.OpenLDAP.org/license.html. + +.TH LDAPEXOP 1 + +.SH NAME +ldapexop \- issue LDAP extended operations + +.SH SYNOPSIS +ldapexop +[\c +.BI \-d \ level\fR] +[\c +.BI \-D \ binddn\fR] +[\c +.BI \-e \ [!]ext[=extparam]\fR] +[\c +.BI \-f \ file\fR] +[\c +.BI \-h \ host\fR] +[\c +.BI \-H \ URI\fR] +[\c +.BR \-I ] +[\c +.BR \-n ] +[\c +.BR \-N ] +[\c +.BI \-O \ security-properties\fR] +[\c +.BI \-o \ [!]ext[=extparam]\fR] +[\c +.BI \-p \ port\fR] +[\c +.BR \-Q ] +[\c +.BI \-R \ realm\fR] +[\c +.BI \-U \ authcid\fR] +[\c +.BR \-v ] +[\c +.BR \-V ] +[\c +.BI \-w \ passwd\fR] +[\c +.BR \-W ] +[\c +.BR \-x ] +[\c +.BI \-X \ authzid\fR] +[\c +.BI \-y \ file\fR] +[\c +.BI \-Y \ mech\fR] +[\c +.BR \-Z[Z] ] +\ { +.I oid +| +.BI oid: data +| +.BI oid:: b64data +| +.B whoami +| +.BI cancel \ cancel-id +| +.BI refresh \ DN \ \fR[\fIttl\fR] +} + +.SH DESCRIPTION +ldapexop issues the LDAP extended operation specified by \fBoid\fP +or one of the special keywords \fBwhoami\fP, \fBcancel\fP, or \fBrefresh\fP. + +Additional data for the extended operation can be passed to the server using +\fIdata\fP or base-64 encoded as \fIb64data\fP in the case of \fBoid\fP, +or using the additional parameters in the case of the specially named extended +operations above. + +Please note that ldapexop behaves differently for the same extended operation +when it was given as an OID or as a specialliy named operation: + +Calling ldapexop with the OID of the \fBwhoami\fP (RFC 4532) extended operation +.nf + + ldapexop [] 1.3.6.1.4.1.4203.1.11.3 + +.fi +yields +.nf + + # extended operation response + data:: + +.fi +while calling it with the keyword \fBwhoami\fP +.nf + + ldapexop [] whoami + +.fi +results in +.nf + + dn: + +.fi + + +.SH OPTIONS +.TP +.BI \-d \ level +Set the LDAP debugging level to \fIlevel\fP. +.TP +.BI \-D \ binddn +Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory. +.TP +.BI \-e \ [!]ext[=extparam] +Specify general extensions. \'!\' indicates criticality. +.nf + [!]assert= (RFC 4528; a RFC 4515 Filter string) + [!]authzid= (RFC 4370; "dn:" or "u:") + [!]chaining[=[/]] + one of "chainingPreferred", "chainingRequired", + "referralsPreferred", "referralsRequired" + [!]manageDSAit (RFC 3296) + [!]noop + ppolicy + [!]postread[=] (RFC 4527; comma-separated attr list) + [!]preread[=] (RFC 4527; comma-separated attr list) + [!]relax + abandon, cancel, ignore (SIGINT sends abandon/cancel, + or ignores response; if critical, doesn't wait for SIGINT. + not really controls) +.fi +.TP +.BI \-f \ file +Read operations from \fIfile\fP. +.TP +.BI \-h \ host +Specify the host on which the ldap server is running. +Deprecated in favor of \fB-H\fP. +.TP +.BI \-H \ URI +Specify URI(s) referring to the ldap server(s); only the protocol/host/port +fields are allowed; a list of URI, separated by whitespace or commas +is expected. +.TP +.BI \-I +Enable SASL Interactive mode. Always prompt. Default is to prompt +only as needed. +.TP +.BI \-n +Show what would be done but don't actually do it. +Useful for debugging in conjunction with \fB-v\fP. +.TP +.BI \-N +Do not use reverse DNS to canonicalize SASL host name. +.TP +.BI \-O \ security-properties +Specify SASL security properties. +.TP +.BI \-o \ opt[=optparam] +Specify general options: +.nf + nettimeout= (in seconds, or "none" or "max") +.fi +.TP +.BI \-p \ port +Specify the TCP port where the ldap server is listening. +Deprecated in favor of \fB-H\fP. +.TP +.BI \-Q +Enable SASL Quiet mode. Never prompt. +.TP +.BI \-R \ realm +Specify the realm of authentication ID for SASL bind. The form of the realm +depends on the actual SASL mechanism used. +.TP +.BI \-U \ authcid +Specify the authentication ID for SASL bind. The form of the ID +depends on the actual SASL mechanism used. +.TP +.BI \-v +Run in verbose mode, with many diagnostics written to standard output. +.TP +.BI \-V +Print version info and usage message. +If\fB-VV\fP is given, only the version information is printed. +.TP +.BI \-w \ passwd +Use \fIpasswd\fP as the password for simple authentication. +.TP +.BI \-W +Prompt for simple authentication. +This is used instead of specifying the password on the command line. +.TP +.BI \-x +Use simple authentication instead of SASL. +.TP +.BI \-X \ authzid +Specify the requested authorization ID for SASL bind. +.I authzid +must be one of the following formats: +.B dn:\c +.I +or +.B u:\c +.I +.TP +.BI \-y \ file +Use complete contents of \fIfile\fP as the password for +simple authentication. +.TP +.BI \-Y \ mech +Specify the SASL mechanism to be used for authentication. +Without this option, the program will choose the best mechanism the server knows. +.TP +.B \-Z[Z] +Issue StartTLS (Transport Layer Security) extended operation. +Giving it twice (\fB-ZZ\fP) will require the operation to be successful. + +.SH DIAGNOSTICS +Exit status is zero if no errors occur. +Errors result in a non-zero exit status and +a diagnostic message being written to standard error. + +.SH "SEE ALSO" +.BR ldap_extended_operation_s (3) + +.SH AUTHOR +This manual page was written by Peter Marschall +based on \fBldapexop\fP's usage message and a few tests +with \fBldapexop\fP. +Do not expect it to be complete or absolutely correct. + +.SH ACKNOWLEDGEMENTS +The OpenLDAP Project + -- 2.39.5