openldap/doc/devel/args

58 lines
1.5 KiB
Plaintext
Raw Normal View History

Tools ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
2002-12-05 08:19:21 +08:00
ldapcompare * DE *HI*K M*OPQR U*WXYZ de *h**k *n*p* vwx z
Patch: 'ldapmodify -y file' reads password from file (ITS#2031) ================ Written by Hallvard B. Furuseth and placed into the public domain. This software is not subject to any license of the University of Oslo. ================ Adapted by Kurt Zeilenga for inclusion in OpenLDAP. My comments are marked with enclosed with square brackets (e.g. [Kurt's comment] below. ================ If I run ldapmodify & co from a script, I don't want to use '-W password' because the password shows up in the output of 'ps' for everyone, and I can't pipe the password to 'ldapmodify -w' because -w uses getpassphrase() which reads from the tty instead of stdin. So I added '-y file' which reads the password from file. The programs exit if the file cannot be read. [Complete contents of file is used as password. Use: echo -n "secret" > password to create a file with "secret" as the password. The -n avoids adding a newline (which would invalidate the password). Note that echo is a builtin and hence its arguments are not visible to 'ps'.] I changed ldapmodify, ldapmodrdn, ldapdelete, ldapsearch, ldapcompare. I did not bother to change ldappasswd and ldapwhoami, because they prompt for many passwords. [I fixed up ldapwhoami.] Rerun autoconf after applying this patch. [Done.] Note: I do not know if Windows NT has fstat(), so I set HAVE_FSTAT to undef in portable.nt. (fstat() is used to warn if the file is publicly readable or writeable.) [I used fstat() to set the buffer size to read.] [Note: using the contents of a file extends the tools to support passwords which could not normally be provided using getpassphrase() or via the command line.] Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002. [Kurt D. Zeilenga <kurt@openldap.org>, Aug 2002.]
2002-08-24 13:47:17 +08:00
ldapdelete *CDE *HI*K M*OPQR U*WXYZ cdef*h**k *n*p* vwxy
ldapmodify *CDEF*HI*K M*OPQRS U*WXYZabcdef*h**k *n*p*r t vwxy
ldapmodrdn *CDE *HI*K M*OPQR U*WXYZ cdef*h**k *n*p*rs vwxy
ldappasswd A*CDE *HI* *O QRS U*WXYZa de *h** * * * s vwxy
ldapsearch A*CDE *HI*KLM*OPQRSTU*WXYZab*def*h**kl*n*p* stuvwxyz
2002-12-05 08:19:21 +08:00
ldapwhoami * DE *HI* *O QR U*WXYZ def*h** *n*p* vwx
2000-01-11 09:18:51 +08:00
* reserved
2002-06-16 06:18:51 +08:00
GJNgijmoqy01235789
* General flags:
2000-06-26 04:22:59 +08:00
-C Chase Referrals
-D Bind DN
2001-12-27 08:42:04 +08:00
-E CommandSpecific Extensions (e.g., -E <[!]oid[=options]>*)
-e General Extensions (e.g., -e <[!]oid[=options]>*)
-H URI
-P protocol version
2001-01-20 09:16:19 +08:00
-V version information
-W prompt for bind password
-d debug
-h host
-n no-op
-p port
-v verbose
Patch: 'ldapmodify -y file' reads password from file (ITS#2031) ================ Written by Hallvard B. Furuseth and placed into the public domain. This software is not subject to any license of the University of Oslo. ================ Adapted by Kurt Zeilenga for inclusion in OpenLDAP. My comments are marked with enclosed with square brackets (e.g. [Kurt's comment] below. ================ If I run ldapmodify & co from a script, I don't want to use '-W password' because the password shows up in the output of 'ps' for everyone, and I can't pipe the password to 'ldapmodify -w' because -w uses getpassphrase() which reads from the tty instead of stdin. So I added '-y file' which reads the password from file. The programs exit if the file cannot be read. [Complete contents of file is used as password. Use: echo -n "secret" > password to create a file with "secret" as the password. The -n avoids adding a newline (which would invalidate the password). Note that echo is a builtin and hence its arguments are not visible to 'ps'.] I changed ldapmodify, ldapmodrdn, ldapdelete, ldapsearch, ldapcompare. I did not bother to change ldappasswd and ldapwhoami, because they prompt for many passwords. [I fixed up ldapwhoami.] Rerun autoconf after applying this patch. [Done.] Note: I do not know if Windows NT has fstat(), so I set HAVE_FSTAT to undef in portable.nt. (fstat() is used to warn if the file is publicly readable or writeable.) [I used fstat() to set the buffer size to read.] [Note: using the contents of a file extends the tools to support passwords which could not normally be provided using getpassphrase() or via the command line.] Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002. [Kurt D. Zeilenga <kurt@openldap.org>, Aug 2002.]
2002-08-24 13:47:17 +08:00
-y Bind password-file
-w Bind password
2002-06-16 06:18:51 +08:00
-4 IPv4 only
-6 IPv6 only
2000-04-12 08:03:07 +08:00
* LDAPv3 Only
-x simple bind (not recommended excepting for
anonymous access, w/ -ZZ, or with ldaps://.
-M ManageDSAIT
-Z StartTLS
-Y SASL Mechanism (defaults to "best")
-R SASL Realm (defaults to empty)
-O SASL Security Options (defaults to "noanonymous,noplain")
-U SASL Authentication Identity (defaults to USER)
-X SASL Authorization Identity (defaults to empty)
-I SASL interactive mode (default: automatic)
-Q SASL quiet mode (default: automatic)
* LDAPv2+ Only (DEPRECATED)
-K LDAPv2 Kerberos Bind (Step 1 only)
-k LDAPv2 Kerberos Bind
2000-04-12 08:03:07 +08:00
2000-07-29 11:15:58 +08:00
---
2000-01-11 09:18:51 +08:00
$OpenLDAP$