l
ldapuglist(1M)
ldapuglist(1M)
/etc/passwd
format:
uid
:
userPasswd
:
uidNumbr
:
gidNumbr
:
gecos
:
homeDirectory
:
loginShell
/etc/group
format:
cn
:
userPasswd
:
gidNumber
,
memberUid
,
...
The
-m
option is ignored when the
-L
option is specified. The attr parameter list is invalid when
the
-L
option is specified.
-P
Prompt for the bind identity (typically LDAP DN or Kerberos principal) and bind password.
Without
-P
,
ldapuglist
will discover the bind identity and password either from the environ-
ment
variables
LDAP_BINDDN
and
LDAP_BINDCRED
.
If
the
LDAP_BINDDN
or
LDAP_BINDCRED
environment variables have not been specified,
ldapuglist
will follow the
bind configuration specified in the LDAP-UX configuration profile.
If LDAP-UX has specified "proxy" bind, the bind credential will be read from either the
/etc/opt/ldapux/acred
or
/etc/opt/ldapux/pcred
file. The
acred
file will only be
used by users that have sufficient administrative privilege to read that file. Refer to Binding to the
Directory Server below for additional details.
-Z
Requires an SSL connection to the directory server, even if the LDAP-UX configuration does not
require the use of SSL.
Use of
-Z
requires either a valid directory server or CA certificate be defined in the
/etc/opt/ldapux/cert8.db
file. An error will occur if the SSL connection could not be
established. Refer to Binding to the Directory Server below for additional details.
-ZZ
Attempt a TLS connection to the directory server, even if the LDAP-UX configuration does not
require the use of TLS. If a TLS connection is unable to be established a non-TLS and non-SSL
connection will be established.
Use of
-ZZ
is not recommended unless alternative methods are used to protect from network
eavesdropping. Use of
-ZZ
requires either a valid server or CA certificate be defined in the
/etc/opt/ldapux/cert8.db
file. Refer to
Binding
to the Directory
Server
below for additional details.
-ZZZ
Requires a TLS connection to the directory server, even if the LDAP-UX configuration does not
require the use of TLS.
Use of
-ZZZ
requires either a valid directory server or CA certificate be defined in the
/etc/opt/ldapux/cert8.db
file. An error will occur if the TLS connection could not be
established. Refer to Binding to the Directory Server below for additional details.
Arguments
-t
type
Specifies which service type
ldapuglist
will use to display or enumerate entries. The
service type can be either
passwd
or
group
, where:
passwd
implies posixAccount-type entries and,
group
implies posixGroup-type entries.
Specification of the type parameter indicates how to handle processing of search filters (
-f
)
and attribute mapping. If the
-t
option is not specified,
ldapuglist
will assume the
passwd
type.
-h
hostname
Specifies the host name and optional port number (hostname
:
port) of the directory server.
This option overrides the server list configured by LDAP-UX.
This field supports specification of IPv4 and IPv6 addresses. Note that when a port is
specified for an IPv6 address, the IPv6 address must be specified in square-bracketed form.
If the optional port is unspecified, the port number is assumed to be 389 or 636 for SSL con-
nections (
-Z
). Refer to Binding to the Directory Server below for additional details.
-p
port
Specifies the port number of the directory server to contact. This option is ignored if the
port number is specified in the hostname as part of the
-h
option. Refer to Bindinding to
the Directory Server below for additional details.
-n
name
Provides a simplified method for discovering a single account or group. Use of
-n
is the
same as
-f"(uid=
name
)"
for accounts and
-f"(cn=
cname
)"
for groups.
480
Hewlett-Packard Company
−
2
−
HP-UX 11i Version 2: December 2007 Update