.TP
.BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]
-Specify general extensions with \fB\-e\fP and search extensions with \fB\-E\fP.
+Specify general extensions with \fB\-e\fP and compare extensions with \fB\-E\fP.
\'\fB!\fP\' indicates criticality.
General extensions:
.nf
- [!]assert=<filter> (an RFC 4515 Filter)
- [!]authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]assert=<filter> (an RFC 4515 Filter)
+ !authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]bauthzid (RFC 3829 authzid control)
+ [!]chaining[=<resolve>[/<cont>]]
[!]manageDSAit
[!]noop
ppolicy
- [!]postread[=<attrs>] (a comma-separated attribute list)
- [!]preread[=<attrs>] (a comma-separated attribute list)
- abandon, cancel (SIGINT sends abandon/cancel; not really controls)
+ [!]postread[=<attrs>] (a comma-separated attribute list)
+ [!]preread[=<attrs>] (a comma-separated attribute list)
+ [!]relax
+ sessiontracking
+ abandon,cancel,ignore (SIGINT sends abandon/cancel,
+ or ignores response; if critical, doesn't wait for SIGINT.
+ not really controls)
.fi
-Search extensions:
+Compare extensions:
.nf
- [!]domainScope (domain scope)
- [!]mv=<filter> (matched values filter)
- [!]pr=<size>[/prompt|noprompt] (paged results/prompt)
- [!]sss=[\-]<attr[:OID]>[/[\-]<attr[:OID]>...] (server side sorting)
- [!]subentries[=true|false] (subentries)
- [!]sync=ro[/<cookie>] (LDAP Sync refreshOnly)
- rp[/<cookie>][/<slimit>] (LDAP Sync refreshAndPersist)
+ !dontUseCopy
.fi
.TP
.BI \-O \ security-properties
.TP
.BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]
-Specify general extensions with \fB\-e\fP and search extensions with \fB\-E\fP.
+Specify general extensions with \fB\-e\fP and delete extensions with \fB\-E\fP.
\'\fB!\fP\' indicates criticality.
General extensions:
.nf
- [!]assert=<filter> (an RFC 4515 Filter)
- [!]authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]assert=<filter> (an RFC 4515 Filter)
+ !authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]bauthzid (RFC 3829 authzid control)
+ [!]chaining[=<resolve>[/<cont>]]
[!]manageDSAit
[!]noop
ppolicy
- [!]postread[=<attrs>] (a comma-separated attribute list)
- [!]preread[=<attrs>] (a comma-separated attribute list)
- abandon, cancel (SIGINT sends abandon/cancel; not really controls)
+ [!]postread[=<attrs>] (a comma-separated attribute list)
+ [!]preread[=<attrs>] (a comma-separated attribute list)
+ [!]relax
+ sessiontracking
+ abandon,cancel,ignore (SIGINT sends abandon/cancel,
+ or ignores response; if critical, doesn't wait for SIGINT.
+ not really controls)
.fi
-Search extensions:
+Delete extensions:
.nf
- [!]domainScope (domain scope)
- [!]mv=<filter> (matched values filter)
- [!]pr=<size>[/prompt|noprompt] (paged results/prompt)
- [!]sss=[\-]<attr[:OID]>[/[\-]<attr[:OID]>...] (server side sorting)
- [!]subentries[=true|false] (subentries)
- [!]sync=ro[/<cookie>] (LDAP Sync refreshOnly)
- rp[/<cookie>][/<slimit>] (LDAP Sync refreshAndPersist)
+ (none)
.fi
.TP
.B \-r
.BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]
Specify general extensions. \'!\' indicates criticality.
.nf
- [!]assert=<filter> (RFC 4528; a RFC 4515 Filter string)
- [!]authzid=<authzid> (RFC 4370; "dn:<dn>" or "u:<user>")
- [!]chaining[=<resolveBehavior>[/<continuationBehavior>]]
- one of "chainingPreferred", "chainingRequired",
- "referralsPreferred", "referralsRequired"
- [!]manageDSAit (RFC 3296)
+ [!]assert=<filter> (an RFC 4515 Filter)
+ !authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]bauthzid (RFC 3829 authzid control)
+ [!]chaining[=<resolve>[/<cont>]]
+ [!]manageDSAit
[!]noop
ppolicy
- [!]postread[=<attrs>] (RFC 4527; comma-separated attr list)
- [!]preread[=<attrs>] (RFC 4527; comma-separated attr list)
+ [!]postread[=<attrs>] (a comma-separated attribute list)
+ [!]preread[=<attrs>] (a comma-separated attribute list)
[!]relax
- abandon, cancel, ignore (SIGINT sends abandon/cancel,
+ sessiontracking
+ abandon,cancel,ignore (SIGINT sends abandon/cancel,
or ignores response; if critical, doesn't wait for SIGINT.
not really controls)
.fi
.TP
.BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]
-Specify general extensions with \fB\-e\fP and search extensions with \fB\-E\fP.
+Specify general extensions with \fB\-e\fP and modify extensions with \fB\-E\fP.
\'\fB!\fP\' indicates criticality.
General extensions:
.nf
- [!]assert=<filter> (an RFC 4515 Filter)
- [!]authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]assert=<filter> (an RFC 4515 Filter)
+ !authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]bauthzid (RFC 3829 authzid control)
+ [!]chaining[=<resolve>[/<cont>]]
[!]manageDSAit
[!]noop
ppolicy
- [!]postread[=<attrs>] (a comma-separated attribute list)
- [!]preread[=<attrs>] (a comma-separated attribute list)
- abandon, cancel (SIGINT sends abandon/cancel; not really controls)
+ [!]postread[=<attrs>] (a comma-separated attribute list)
+ [!]preread[=<attrs>] (a comma-separated attribute list)
+ [!]relax
+ sessiontracking
+ abandon,cancel,ignore (SIGINT sends abandon/cancel,
+ or ignores response; if critical, doesn't wait for SIGINT.
+ not really controls)
.fi
-Search extensions:
+Modify extensions:
.nf
- [!]domainScope (domain scope)
- [!]mv=<filter> (matched values filter)
- [!]pr=<size>[/prompt|noprompt] (paged results/prompt)
- [!]sss=[\-]<attr[:OID]>[/[\-]<attr[:OID]>...] (server side sorting)
- [!]subentries[=true|false] (subentries)
- [!]sync=ro[/<cookie>] (LDAP Sync refreshOnly)
- rp[/<cookie>][/<slimit>] (LDAP Sync refreshAndPersist)
+ [!]txn[=abort|commit]
.fi
.TP
.B \-I
.TP
.BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]
-Specify general extensions with \fB\-e\fP and search extensions with \fB\-E\fP.
+Specify general extensions with \fB\-e\fP and modrdn extensions with \fB\-E\fP.
\'\fB!\fP\' indicates criticality.
General extensions:
.nf
- [!]assert=<filter> (an RFC 4515 Filter)
- [!]authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]assert=<filter> (an RFC 4515 Filter)
+ !authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]bauthzid (RFC 3829 authzid control)
+ [!]chaining[=<resolve>[/<cont>]]
[!]manageDSAit
[!]noop
ppolicy
- [!]postread[=<attrs>] (a comma-separated attribute list)
- [!]preread[=<attrs>] (a comma-separated attribute list)
- abandon, cancel (SIGINT sends abandon/cancel; not really controls)
+ [!]postread[=<attrs>] (a comma-separated attribute list)
+ [!]preread[=<attrs>] (a comma-separated attribute list)
+ [!]relax
+ sessiontracking
+ abandon,cancel,ignore (SIGINT sends abandon/cancel,
+ or ignores response; if critical, doesn't wait for SIGINT.
+ not really controls)
.fi
-Search extensions:
+Modrdn extensions:
.nf
- [!]domainScope (domain scope)
- [!]mv=<filter> (matched values filter)
- [!]pr=<size>[/prompt|noprompt] (paged results/prompt)
- [!]sss=[\-]<attr[:OID]>[/[\-]<attr[:OID]>...] (server side sorting)
- [!]subentries[=true|false] (subentries)
- [!]sync=ro[/<cookie>] (LDAP Sync refreshOnly)
- rp[/<cookie>][/<slimit>] (LDAP Sync refreshAndPersist)
+ (none)
.fi
.TP
.B \-I
.BI \-O \ security-properties
Specify SASL security properties.
.TP
+.BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]
+.TP
+.BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]
+
+Specify general extensions with \fB\-e\fP and passwd modify extensions with \fB\-E\fP.
+\'\fB!\fP\' indicates criticality.
+
+General extensions:
+.nf
+ [!]assert=<filter> (an RFC 4515 Filter)
+ !authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]bauthzid (RFC 3829 authzid control)
+ [!]chaining[=<resolve>[/<cont>]]
+ [!]manageDSAit
+ [!]noop
+ ppolicy
+ [!]postread[=<attrs>] (a comma-separated attribute list)
+ [!]preread[=<attrs>] (a comma-separated attribute list)
+ [!]relax
+ sessiontracking
+ abandon,cancel,ignore (SIGINT sends abandon/cancel,
+ or ignores response; if critical, doesn't wait for SIGINT.
+ not really controls)
+.fi
+
+Passwd Modify extensions:
+.nf
+ (none)
+.fi
+.TP
.B \-I
Enable SASL Interactive mode. Always prompt. Default is to prompt
only as needed.
General extensions:
.nf
- [!]assert=<filter> (an RFC 4515 Filter)
- [!]authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]assert=<filter> (an RFC 4515 Filter)
+ !authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]bauthzid (RFC 3829 authzid control)
+ [!]chaining[=<resolve>[/<cont>]]
[!]manageDSAit
[!]noop
ppolicy
- [!]postread[=<attrs>] (a comma-separated attribute list)
- [!]preread[=<attrs>] (a comma-separated attribute list)
- abandon, cancel (SIGINT sends abandon/cancel; not really controls)
+ [!]postread[=<attrs>] (a comma-separated attribute list)
+ [!]preread[=<attrs>] (a comma-separated attribute list)
+ [!]relax
+ sessiontracking
+ abandon,cancel,ignore (SIGINT sends abandon/cancel,
+ or ignores response; if critical, doesn't wait for SIGINT.
+ not really controls)
.fi
Search extensions:
.nf
+ !dontUseCopy
[!]domainScope (domain scope)
[!]mv=<filter> (matched values filter)
[!]pr=<size>[/prompt|noprompt] (paged results/prompt)
[!]sync=ro[/<cookie>] (LDAP Sync refreshOnly)
rp[/<cookie>][/<slimit>] (LDAP Sync refreshAndPersist)
[!]vlv=<before>/<after>(/<offset>/<count>|:<value>) (virtual list view)
+ [!]deref=derefAttr:attr[,attr[...]][;derefAttr:attr[,attr[...]]]
+ [!]<oid>[=<value>]
.fi
.TP
.BI \-l \ timelimit
Set the \fIsearchbase\fP.
.TP
.BR \-e \ [ ! ] \fIext\fP [ =\fIextparam\fP ]
-.TP
-.BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]
-Specify general extensions with \fB\-e\fP and search extensions with \fB\-E\fP.
+Specify general extensions with \fB\-e\fP
\'\fB!\fP\' indicates criticality.
General extensions:
.nf
- [!]assert=<filter> (an RFC 4515 Filter)
- [!]authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]assert=<filter> (an RFC 4515 Filter)
+ !authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]bauthzid (RFC 3829 authzid control)
+ [!]chaining[=<resolve>[/<cont>]]
[!]manageDSAit
[!]noop
ppolicy
- [!]postread[=<attrs>] (a comma-separated attribute list)
- [!]preread[=<attrs>] (a comma-separated attribute list)
- abandon, cancel (SIGINT sends abandon/cancel; not really controls)
+ [!]postread[=<attrs>] (a comma-separated attribute list)
+ [!]preread[=<attrs>] (a comma-separated attribute list)
+ [!]relax
+ sessiontracking
+ abandon,cancel,ignore (SIGINT sends abandon/cancel,
+ or ignores response; if critical, doesn't wait for SIGINT.
+ not really controls)
.fi
-Search extensions:
-.nf
- [!]domainScope (domain scope)
- [!]mv=<filter> (matched values filter)
- [!]pr=<size>[/prompt|noprompt] (paged results/prompt)
- [!]sss=[\-]<attr[:OID]>[/[\-]<attr[:OID]>...] (server side sorting)
- [!]subentries[=true|false] (subentries)
- [!]sync=ro[/<cookie>] (LDAP Sync refreshOnly)
- rp[/<cookie>][/<slimit>] (LDAP Sync refreshAndPersist)
-.fi
.TP
+.BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]
+Set URL extensions; incompatible with
+.BR \-H .
.TP
.BI \-f \ filter
Set the URL filter. No particular check on conformity with RFC 4515
.TP
.BR \-E \ [ ! ] \fIext\fP [ =\fIextparam\fP ]
-Specify general extensions with \fB\-e\fP and search extensions with \fB\-E\fP.
+Specify general extensions with \fB\-e\fP and whoami extensions with \fB\-E\fP.
\'\fB!\fP\' indicates criticality.
General extensions:
.nf
- [!]assert=<filter> (an RFC 4515 Filter)
- [!]authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]assert=<filter> (an RFC 4515 Filter)
+ !authzid=<authzid> ("dn:<dn>" or "u:<user>")
+ [!]bauthzid (RFC 3829 authzid control)
+ [!]chaining[=<resolve>[/<cont>]]
[!]manageDSAit
[!]noop
ppolicy
- [!]postread[=<attrs>] (a comma-separated attribute list)
- [!]preread[=<attrs>] (a comma-separated attribute list)
- abandon, cancel (SIGINT sends abandon/cancel; not really controls)
+ [!]postread[=<attrs>] (a comma-separated attribute list)
+ [!]preread[=<attrs>] (a comma-separated attribute list)
+ [!]relax
+ sessiontracking
+ abandon,cancel,ignore (SIGINT sends abandon/cancel,
+ or ignores response; if critical, doesn't wait for SIGINT.
+ not really controls)
.fi
-Search extensions:
+WhoAmI extensions:
.nf
- [!]domainScope (domain scope)
- [!]mv=<filter> (matched values filter)
- [!]pr=<size>[/prompt|noprompt] (paged results/prompt)
- [!]sss=[\-]<attr[:OID]>[/[\-]<attr[:OID]>...] (server side sorting)
- [!]subentries[=true|false] (subentries)
- [!]sync=ro[/<cookie>] (LDAP Sync refreshOnly)
- rp[/<cookie>][/<slimit>] (LDAP Sync refreshAndPersist)
+ (none)
.fi
.TP
.B \-I
projects / openldap / commitdiff