ldapwhoami

a b c d e f g h i j k l m n o p q r s t u v w x y z _
LDAPWHOAMI(1)							LDAPWHOAMI(1)



NAME
       ldapwhoami - LDAP who am i? tool

SYNOPSIS
       ldapwhoami [-n] [-v] [-z] [-d debuglevel] [-D binddn] [-W] [-w passwd]
       [-y passwdfile] [-H ldapuri] [-h ldaphost] [-p ldapport] [-O security-
       properties]   [-I]  [-Q]	 [-U authcid]  [-R realm]  [-x]	 [-X authzid]
       [-Y mech] [-Z[Z]]

DESCRIPTION
       ldapwhoami implements the LDAP "Who Am I?" extended operation.

       ldapwhoami opens a connection to an LDAP server, binds, and performs a
       whoami operation.

OPTIONS
       -n     Show  what would be done, but don’t actually perform the whoami
	      operation.  Useful for debugging in conjunction with -v.

       -v     Run in verbose mode, with many diagnostics written to  standard
	      output.

       -d debuglevel
	      Set  the	LDAP debugging level to debuglevel.  ldapcompare must
	      be compiled with LDAP_DEBUG defined for this option to have any
	      effect.

       -x     Use simple authentication instead of SASL.

       -D binddn
	      Use  the	Distinguished  Name binddn to bind to the LDAP direc-
	      tory.

       -W     Prompt for simple authentication.	  This	is  used  instead  of
	      specifying the password on the command line.

       -w passwd
	      Use passwd as the password for simple authentication.

       -y passwdfile
	      Use  complete contents of passwdfile as the password for simple
	      authentication.

       -H ldapuri
	      Specify URI(s) referring to the ldap server(s).

       -h ldaphost
	      Specify an alternate host on which the ldap server is  running.
	      Deprecated in favor of -H.

       -p ldapport
	      Specify  an alternate TCP port where the ldap server is listen-
	      ing.  Deprecated in favor of -H.

       -P 2|3 Specify the LDAP protocol version to use.

       -O security-properties
	      Specify SASL security properties.

       -I     Enable SASL Interactive mode.  Always prompt.   Default  is  to
	      prompt only as needed.

       -Q     Enable SASL Quiet mode.  Never prompt.

       -U authcid
	      Specify the authentication ID for SASL bind. The form of the ID
	      depends on the actual SASL mechanism used.

       -R realm
	      Specify the realm of authentication ID for SASL bind. The	 form
	      of the realm depends on the actual SASL mechanism used.

       -X authzid
	      Specify  the requested authorization ID for SASL bind.  authzid
	      must be one of the following formats:  dn:<distinguished	name>
	      or u:<username>

       -Y mech
	      Specify  the  SASL  mechanism to be used for authentication. If
	      it’s not specified, the program will choose the best  mechanism
	      the server knows.

       -Z[Z]  Issue  StartTLS  (Transport Layer Security) extended operation.
	      If you use -ZZ, the command will require the  operation  to  be
	      successful.

EXAMPLE
	   ldapwhoami -x -D "cn=Manager,dc=example,dc=com" -W

SEE ALSO
       ldap.conf(5), ldap(3), ldap_extended_operation(3)

AUTHOR
       The OpenLDAP Project <http://www.openldap.org/>

ACKNOWLEDGEMENTS
       OpenLDAP	  is   developed  and  maintained  by  The  OpenLDAP  Project
       (http://www.openldap.org/).  OpenLDAP is derived	 from  University  of
       Michigan LDAP 3.3 Release.



OpenLDAP 2.2.13			  2004/06/10			LDAPWHOAMI(1)