Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

slapauth(8) [sunos man page]

SLAPAUTH(8)						      System Manager's Manual						       SLAPAUTH(8)

NAME

       slapauth - Check a list of string-represented IDs for LDAP authc/authz

SYNOPSIS

       /usr/sbin/slapauth  [-d debug-level]  [-f slapd.conf]  [-F confdir] [-M mech] [-o option[=value]] [-R realm] [-U authcID] [-v] [-X authzID]
       ID [...]

DESCRIPTION

       Slapauth is used to check the behavior of the slapd in mapping identities for authentication and authorization purposes,  as  specified	in
       slapd.conf(5).	It opens the slapd.conf(5) configuration file or the slapd-config(5) backend, reads in the authz-policy/olcAuthzPolicy and
       authz-regexp/olcAuthzRegexp directives, and then parses the ID list given on the command-line.

OPTIONS

       -d debug-level
	      enable debugging messages as defined by the specified debug-level; see slapd(8) for details.

       -f slapd.conf
	      specify an alternative slapd.conf(5) file.

       -F confdir
	      specify a config directory.  If both -f and -F are specified, the config file will be read and converted to config directory  format
	      and  written  to	the  specified directory.  If neither option is specified, an attempt to read the default config directory will be
	      made before trying to use the default config file. If a valid config directory exists then the default config file is ignored.

       -M mech
	      specify a mechanism.

       -o option[=value]
	      Specify an option with a(n optional) value.  Possible generic options/values are:

		     syslog=<subsystems>  (see `-s' in slapd(8))
		     syslog-level=<level> (see `-S' in slapd(8))
		     syslog-user=<user>   (see `-l' in slapd(8))

       -R realm
	      specify a realm.

       -U authcID
	      specify an ID to be used as authcID throughout the test session.	If present, and if no authzID is given, the IDs in the ID list are
	      treated as authzID.

       -X authzID
	      specify an ID to be used as authzID throughout the test session.	If present, and if no authcID is given, the IDs in the ID list are
	      treated as authcID.  If both authcID and authzID are given via command line switch, the ID list cannot be present.

       -v     enable verbose mode.

EXAMPLES

       The command

	    /usr/sbin/slapauth -f //etc/ldap/slapd.conf -v 
		   -U bjorn -X u:bjensen

       tests whether the user bjorn can assume the identity of the user bjensen provided the directives

	    authz-policy from
	    authz-regexp "^uid=([^,]+).*,cn=auth$"
		 "ldap:///dc=example,dc=net??sub?uid=$1"

       are defined in slapd.conf(5).

SEE ALSO

       ldap(3), slapd(8), slaptest(8)

       "OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)

ACKNOWLEDGEMENTS

       OpenLDAP Software is developed and maintained by The OpenLDAP Project <http://www.openldap.org/>.  OpenLDAP Software is derived	from  Uni-
       versity of Michigan LDAP 3.3 Release.

OpenLDAP							    2012/04/23							       SLAPAUTH(8)

Check Out this Related Man Page

SLAPAUTH(8C)															      SLAPAUTH(8C)

NAME

       slapauth - Check a list of string-represented IDs for LDAP authc/authz

SYNOPSIS

       /usr/sbin/slapauth  [-d debug-level]  [-f slapd.conf]  [-F confdir] [-M mech] [-o option[=value]] [-R realm] [-U authcID] [-v] [-X authzID]
       ID [...]

DESCRIPTION

       Slapauth is used to check the behavior of the slapd in mapping identities for authentication and authorization purposes,  as  specified	in
       slapd.conf(5).	It opens the slapd.conf(5) configuration file or the slapd-config(5) backend, reads in the authz-policy/olcAuthzPolicy and
       authz-regexp/olcAuthzRegexp directives, and then parses the ID list given on the command-line.

OPTIONS

       -d debug-level
	      enable debugging messages as defined by the specified debug-level; see slapd(8) for details.

       -f slapd.conf
	      specify an alternative slapd.conf(5) file.

       -F confdir
	      specify a config directory.  If both -f and -F are specified, the config file will be read and converted to config directory  format
	      and  written  to	the  specified directory.  If neither option is specified, an attempt to read the default config directory will be
	      made before trying to use the default config file. If a valid config directory exists then the default config file is ignored.

       -M mech
	      specify a mechanism.

       -o option[=value]
	      Specify an option with a(n optional) value.  Possible generic options/values are:

		     syslog=<subsystems>  (see `-s' in slapd(8))
		     syslog-level=<level> (see `-S' in slapd(8))
		     syslog-user=<user>   (see `-l' in slapd(8))

       -R realm
	      specify a realm.

       -U authcID
	      specify an ID to be used as authcID throughout the test session.	If present, and if no authzID is given, the IDs in the ID list are
	      treated as authzID.

       -X authzID
	      specify an ID to be used as authzID throughout the test session.	If present, and if no authcID is given, the IDs in the ID list are
	      treated as authcID.  If both authcID and authzID are given via command line switch, the ID list cannot be present.

       -v     enable verbose mode.

EXAMPLES

       The command

	    /usr/sbin/slapauth -f //etc/openldap/slapd.conf -v 
		   -U bjorn -X u:bjensen

       tests whether the user bjorn can assume the identity of the user bjensen provided the directives

	    authz-policy from
	    authz-regexp "^uid=([^,]+).*,cn=auth$"
		 "ldap:///dc=example,dc=net??sub?uid=$1"

       are defined in slapd.conf(5).

SEE ALSO

       ldap(3), slapd(8), slaptest(8)

       "OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)

ACKNOWLEDGEMENTS

       OpenLDAP Software is developed and maintained by The OpenLDAP Project <http://www.openldap.org/>.  OpenLDAP Software is derived	from  Uni-
       versity of Michigan LDAP 3.3 Release.

OpenLDAP 2.4.28 						    2011/11/24							      SLAPAUTH(8C)
Man Page