DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 

slapauth(8)



SLAPAUTH(8C)          MAINTENANCE COMMANDS           SLAPAUTH(8C)

NAME

     slapauth -  Check  a  list  of  string-represented  IDs  for
     authc/authz.

SYNOPSIS

     /usr/sbin/slapauth  [-v]  [-d  level]  [-f  slapd.conf]  [-F
     confdir]  [-M  mech] [-R realm] [-U authcID] [-X authzID] ID
     [...]

DESCRIPTION

     Slapauth is used to check the behavior of the slapd in  map-
     ping  identities  for  authentication and authorization pur-
     poses,  as  specified  in  slapd.conf(5).   It   opens   the
     slapd.conf(5)  configuration file, reads in the authz-policy
     and authz-regexp directives, and then  parses  the  ID  list
     given on the command-line.

OPTIONS

     -v   enable verbose mode.

     -d level
          enable debugging messages as defined by  the  specified
          level.

     -f slapd.conf
          specify an alternative slapd.conf(5) file.

     -F confdir
          specify a config directory.  If  both  -f  and  -F  are
          specified,  the  config file will be read and converted
          to config directory format and written to the specified
          directory.   If neither option is specified, an attempt
          to read the  default  config  directory  will  be  made
          before  trying  to  use  the  default config file. If a
          valid config directory exists then the  default  config
          file is ignored.

     -M mech
          specify a mechanism.

     -R realm
          specify a realm.

     -U authcID
          specify an ID to be used as authcID throughout the test
          session.   If  present, and if no authzID is given, the
          IDs in the ID list are treated as authzID.

     -X authzID
          specify an ID to be used as authzID throughout the test
          session.   If  present, and if no authcID is given, the
          IDs in the ID list are treated  as  authcID.   If  both

OpenLDAP 2.3.27      Last change: 2006/08/19                    1

SLAPAUTH(8C)          MAINTENANCE COMMANDS           SLAPAUTH(8C)

          authcID  and authzID are given via command line switch,
          the ID list cannot be present.

EXAMPLES

     The command

          /usr/sbin/slapauth -f //etc/openldap/slapd.conf -v \
                 -U bjorn -X u:bjensen

     tests whether the user bjorn can assume the identity of  the
     user bjensen provided the directives

          authz-policy from
          authz-regexp "^uid=([^,]+).*,cn=auth$"
               "ldap:///dc=example,dc=net??sub?uid=$1"

     are defined in slapd.conf(5).

SEE ALSO

     ldap(3), slapd(8) slaptest(8)

     "OpenLDAP               Administrator's               Guide"
     (http://www.OpenLDAP.org/doc/admin/)

ACKNOWLEDGEMENTS

     OpenLDAP is developed and maintained by The OpenLDAP Project
     (http://www.openldap.org/).    OpenLDAP   is   derived  from
     University of Michigan LDAP 3.3 Release.

OpenLDAP 2.3.27      Last change: 2006/08/19                    2
Man(1) output converted with man2html