openldap/doc/devel/args

Tools           ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
ldapcompare      * DE**HI*K M*OPQR  UVWXYZ   de *h**k *n*p*    vwxyz
ldapdelete       *CDE**HI*K M*OPQR  UVWXYZ  cdef*h**k *n*p*    vwxy
ldapmodify       *CDE**HI*K M*OPQRS UVWXYZabcde *h**k *n*p*r t vwxy
ldapmodrdn       *CDE**HI*K M*OPQR  UVWXYZ  cdef*h**k *n*p*rs  vwxy
ldappasswd      A*CDE**HI*   *O QRS UVWXYZa  def*h**  * * * s  vwxy  
ldapsearch      A*CDE**HI*KLM*OPQRSTUVWXYZab def*h**kl*n*p* stuvwxyz
ldapwhoami       * DE**HI*   *O QR  UVWXYZ   def*h**  *n*p*    vwxy 


* reserved
	BFGJgijmoq01235789

* General flags:
	-C Chase Referrals
	-D Bind DN
	-E Tool-specific Extensions	(e.g., -E <[!]oid[=options]>*)
	-e General Extensions		(e.g., -e <[!]oid[=options]>*)
	-f file
	-H URI
	-P protocol version
	-V version information
	-W prompt for bind password
	-d debug
	-h host
	-n no-op
	-N no (SASLprep) normalization of simple bind password
	-p port
	-v verbose
	-V version
	-x simple bind
	-y Bind password-file
	-w Bind password
	-4 IPv4 only
	-6 IPv6 only


* LDAPv3 Only 
	-M ManageDSAIT
	-Z StartTLS

	-Y SASL Mechanism (defaults to "best")
	-R SASL Realm (defaults to empty)
	-O SASL Security Options (defaults to "noanonymous,noplain")
	-U SASL Authentication Identity (defaults to USER)
	-X SASL Authorization Identity (defaults to empty)

	-I SASL interactive mode (default: automatic)
	-Q SASL quiet mode (default: automatic)


* LDAPv2+ Only (DEPRECATED)
	-K LDAPv2 Kerberos Bind (Step 1 only)
	-k LDAPv2 Kerberos Bind


---
$OpenLDAP$
Add description of global command line arguments.... 2000-04-25 18:34:19 +08:00			`Tools ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz`
enable abandon/cancel in ldapsearch (ITS#3670) 2005-04-20 02:07:27 +08:00			`ldapcompare * DE*HIK MOPQR UVWXYZ de h*k np vwxyz`
Add additional password file support. 2003-03-31 14:29:59 +08:00			`ldapdelete CDEHIK MOPQR UVWXYZ cdefh*k np vwxy`
			`ldapmodify CDEHIK MOPQRS UVWXYZabcde h*k npr t vwxy`
			`ldapmodrdn CDEHIK MOPQR UVWXYZ cdefh*k nprs vwxy`
			`ldappasswd ACDEHI O QRS UVWXYZa defh** * * * s vwxy`
allow abandon/cancel for all tools 2005-04-20 05:21:51 +08:00			`ldapsearch ACDEHIKLMOPQRSTUVWXYZab defh*klnp stuvwxyz`
enable abandon/cancel in ldapsearch (ITS#3670) 2005-04-20 02:07:27 +08:00			`ldapwhoami * DE*HI O QR UVWXYZ defh** np* vwxy`
Add RCSid 2000-01-11 09:18:51 +08:00

update based upon latest changes and thoughts 2000-05-04 02:58:20 +08:00			`* reserved`
reserve -N for "disable SASLprep" future use 2005-12-24 07:49:48 +08:00			`BFGJgijmoq01235789`
update based upon latest changes and thoughts 2000-05-04 02:58:20 +08:00
Add description of global command line arguments.... 2000-04-25 18:34:19 +08:00			`* General flags:`
-C/-R changes 2000-06-26 04:22:59 +08:00			`-C Chase Referrals`
Rework SASL command line arguments. Default is now to authenticate using best available mechanism. (authzid prompting to be disabled) To use simple bind, -x is required (implied if -P 2) with -D/-[Ww] To use simple "anonymous" bind, just -x will do. 2000-07-16 07:25:46 +08:00			`-D Bind DN`
Minor cleanup 2002-12-05 11:30:20 +08:00			`-E Tool-specific Extensions (e.g., -E <[!]oid[=options]>*)`
			`-e General Extensions (e.g., -e <[!]oid[=options]>*)`
Add additional password file support. 2003-03-31 14:29:59 +08:00			`-f file`
Allocate -H for URI specification Clarify use of other flags 2000-08-25 10:10:14 +08:00			`-H URI`
Add description of global command line arguments.... 2000-04-25 18:34:19 +08:00			`-P protocol version`
reserve -V for version information 2001-01-20 09:16:19 +08:00			`-V version information`
Add description of global command line arguments.... 2000-04-25 18:34:19 +08:00			`-W prompt for bind password`
			`-d debug`
			`-h host`
			`-n no-op`
reserve -N for "disable SASLprep" future use 2005-12-24 07:49:48 +08:00			`-N no (SASLprep) normalization of simple bind password`
Add description of global command line arguments.... 2000-04-25 18:34:19 +08:00			`-p port`
			`-v verbose`
-V updates 2003-01-21 05:16:58 +08:00			`-V version`
Minor cleanup 2002-12-05 11:30:20 +08:00			`-x simple bind`
Patch: 'ldapmodify -y file' reads password from file (ITS#2031) ================ Written by Hallvard B. Furuseth and placed into the public domain. This software is not subject to any license of the University of Oslo. ================ Adapted by Kurt Zeilenga for inclusion in OpenLDAP. My comments are marked with enclosed with square brackets (e.g. [Kurt's comment] below. ================ If I run ldapmodify & co from a script, I don't want to use '-W password' because the password shows up in the output of 'ps' for everyone, and I can't pipe the password to 'ldapmodify -w' because -w uses getpassphrase() which reads from the tty instead of stdin. So I added '-y file' which reads the password from file. The programs exit if the file cannot be read. [Complete contents of file is used as password. Use: echo -n "secret" > password to create a file with "secret" as the password. The -n avoids adding a newline (which would invalidate the password). Note that echo is a builtin and hence its arguments are not visible to 'ps'.] I changed ldapmodify, ldapmodrdn, ldapdelete, ldapsearch, ldapcompare. I did not bother to change ldappasswd and ldapwhoami, because they prompt for many passwords. [I fixed up ldapwhoami.] Rerun autoconf after applying this patch. [Done.] Note: I do not know if Windows NT has fstat(), so I set HAVE_FSTAT to undef in portable.nt. (fstat() is used to warn if the file is publicly readable or writeable.) [I used fstat() to set the buffer size to read.] [Note: using the contents of a file extends the tools to support passwords which could not normally be provided using getpassphrase() or via the command line.] Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, Aug 2002. [Kurt D. Zeilenga <kurt@openldap.org>, Aug 2002.] 2002-08-24 13:47:17 +08:00			`-y Bind password-file`
Rework SASL command line arguments. Default is now to authenticate using best available mechanism. (authzid prompting to be disabled) To use simple bind, -x is required (implied if -P 2) with -D/-[Ww] To use simple "anonymous" bind, just -x will do. 2000-07-16 07:25:46 +08:00			`-w Bind password`
Reserve digit flags 2002-06-16 06:18:51 +08:00			`-4 IPv4 only`
			`-6 IPv6 only`
Update args based upon intended SASL usage 2000-07-16 08:51:44 +08:00
Add TLS/SASL flags 2000-04-12 08:03:07 +08:00
Add description of global command line arguments.... 2000-04-25 18:34:19 +08:00			`* LDAPv3 Only`
Update args based upon intended SASL usage 2000-07-16 08:51:44 +08:00			`-M ManageDSAIT`
Add description of global command line arguments.... 2000-04-25 18:34:19 +08:00			`-Z StartTLS`

Update args based upon intended SASL usage 2000-07-16 08:51:44 +08:00			`-Y SASL Mechanism (defaults to "best")`
Update args based upon latest SASL usage 2000-07-19 09:19:06 +08:00			`-R SASL Realm (defaults to empty)`
			`-O SASL Security Options (defaults to "noanonymous,noplain")`
			`-U SASL Authentication Identity (defaults to USER)`
			`-X SASL Authorization Identity (defaults to empty)`
Add description of global command line arguments.... 2000-04-25 18:34:19 +08:00
Update args based upon latest SASL usage 2000-07-19 09:19:06 +08:00			`-I SASL interactive mode (default: automatic)`
			`-Q SASL quiet mode (default: automatic)`
Update args based upon intended SASL usage 2000-07-16 08:51:44 +08:00

Update args based upon latest SASL usage 2000-07-19 09:19:06 +08:00			`* LDAPv2+ Only (DEPRECATED)`
			`-K LDAPv2 Kerberos Bind (Step 1 only)`
			`-k LDAPv2 Kerberos Bind`
Add TLS/SASL flags 2000-04-12 08:03:07 +08:00
Fix up rcsid 2000-07-29 11:15:58 +08:00
			`---`
Add RCSid 2000-01-11 09:18:51 +08:00			$OpenLDAP$