Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   16655 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

SLAPAUTH(8C)							  SLAPAUTH(8C)

NAME
       slapauth - Check a list of string-represented IDs for LDAP authc/authz

SYNOPSIS
       /opt/local/sbin/slapauth	 [-d debug-level] [-f slapd.conf] [-F confdir]
       [-M mech] [-o option[=value]] [-R realm] [-U authcID] [-v] [-X authzID]
       ID [...]

DESCRIPTION
       Slapauth	 is used to check the behavior of the slapd in mapping identi‐
       ties for authentication and authorization  purposes,  as	 specified  in
       slapd.conf(5).	It  opens  the slapd.conf(5) configuration file or the
       slapd-config(5) backend, reads in the  authz-policy/olcAuthzPolicy  and
       authz-regexp/olcAuthzRegexp  directives,	 and  then  parses the ID list
       given on the command-line.

OPTIONS
       -d debug-level
	      enable debugging messages as defined  by	the  specified	debug-
	      level; see slapd(8) for details.

       -f slapd.conf
	      specify an alternative slapd.conf(5) file.

       -F confdir
	      specify  a  config  directory.  If both -f and -F are specified,
	      the config file will be read and converted to  config  directory
	      format  and  written  to	the  specified	directory.  If neither
	      option is specified, an  attempt	to  read  the  default	config
	      directory	 will  be made before trying to use the default config
	      file. If a valid config directory exists then the default config
	      file is ignored.

       -M mech
	      specify a mechanism.

       -o option[=value]
	      Specify  an  option  with a(n optional) value.  Possible generic
	      options/values are:

		     syslog=<subsystems>  (see `-s' in slapd(8))
		     syslog-level=<level> (see `-S' in slapd(8))
		     syslog-user=<user>	  (see `-l' in slapd(8))

       -R realm
	      specify a realm.

       -U authcID
	      specify an ID to be used as authcID throughout the test session.
	      If  present,  and if no authzID is given, the IDs in the ID list
	      are treated as authzID.

       -X authzID
	      specify an ID to be used as authzID throughout the test session.
	      If  present,  and if no authcID is given, the IDs in the ID list
	      are treated as authcID.  If both authcID and authzID  are	 given
	      via command line switch, the ID list cannot be present.

       -v     enable verbose mode.

EXAMPLES
       The command

	    /opt/local/sbin/slapauth -f //opt/local/share/examples/openldap/slapd.conf -v \
		   -U bjorn -X u:bjensen

       tests  whether  the  user  bjorn	 can  assume  the identity of the user
       bjensen provided the directives

	    authz-policy from
	    authz-regexp "^uid=([^,]+).*,cn=auth$"
		 "ldap:///dc=example,dc=net??sub?uid=$1"

       are defined in slapd.conf(5).

SEE ALSO
       ldap(3), slapd(8), slaptest(8)

       "OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)

ACKNOWLEDGEMENTS
       OpenLDAP Software is developed and maintained by The  OpenLDAP  Project
       <http://www.openldap.org/>.   OpenLDAP Software is derived from Univer‐
       sity of Michigan LDAP 3.3 Release.

OpenLDAP 2.4.39			  2014/01/26			  SLAPAUTH(8C)

Vote for polarhome