GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
SLAPAUTH(8C) SLAPAUTH(8C)

slapauth - Check a list of string-represented IDs for LDAP authc/authz

/usr/local/sbin/slapauth [-d debug-level] [-f slapd.conf] [-F confdir] [-M mech] [-o option[=value]] [-R realm] [-U authcID] [-v] [-X authzID] ID [...]

Slapauth is used to check the behavior of the slapd in mapping identities for authentication and authorization purposes, as specified in slapd.conf(5). It opens the slapd.conf(5) configuration file or the slapd-config(5) backend, reads in the authz-policy/olcAuthzPolicy and authz-regexp/olcAuthzRegexp directives, and then parses the ID list given on the command-line.

enable debugging messages as defined by the specified debug-level; see slapd(8) for details.
specify an alternative slapd.conf(5) file.
specify a config directory. If both -f and -F are specified, the config file will be read and converted to config directory format and written to the specified directory. If neither option is specified, an attempt to read the default config directory will be made before trying to use the default config file. If a valid config directory exists then the default config file is ignored.
specify a mechanism.
Specify an option with a(n optional) value. Possible generic options/values are:



              syslog=<subsystems>  (see `-s' in slapd(8))


              syslog-level=<level> (see `-S' in slapd(8))


              syslog-user=<user>   (see `-l' in slapd(8))
specify a realm.
specify an ID to be used as authcID throughout the test session. If present, and if no authzID is given, the IDs in the ID list are treated as authzID.
specify an ID to be used as authzID throughout the test session. If present, and if no authcID is given, the IDs in the ID list are treated as authcID. If both authcID and authzID are given via command line switch, the ID list cannot be present.
enable verbose mode.

The command

	/usr/local/sbin/slapauth -f //usr/local/etc/openldap/slapd.conf -v \


            -U bjorn -X u:bjensen
tests whether the user bjorn can assume the identity of the user bjensen provided the directives 

	authz-policy from
	authz-regexp "^uid=([^,]+).*,cn=auth$"
		"ldap:///dc=example,dc=net??sub?uid=$1"
are defined in slapd.conf(5).

ldap(3), slapd(8), slaptest(8)

"OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)

OpenLDAP Software is developed and maintained by The OpenLDAP Project <http://www.openldap.org/>. OpenLDAP Software is derived from the University of Michigan LDAP 3.3 Release.

2025/05/22 OpenLDAP 2.6.10
Search for    or go to Top of page |  Section 8 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.