ldappasswd
269
Option
Description
-ZZZ
Enforces the Start TLS request. The server
must respond that the request was successful.
If the server does not support Start TLS, such
as Start TLS is not enabled or the certificate
information is incorrect, the command is aborted
immediately.
Table 6.20. General ldappasswd Options
SASL Options
SASL mechanisms can be used to authenticate a user, using the
-o
the required SASL information.
To learn which SASL mechanisms are supported, search the root DSE. See the
-b
option in
Table 6.3,
“Commonly-Used ldapsearch Options”
.
Option
Description
-o
Specifies SASL options. The format is
-o
saslOption=value
.
saslOption
can have one of
six values:
• mech, the SASL authentication mechanism
• authid, the user who is binding to the server
(Kerberos principal)
• authzid, a proxy authorization (ignored by
the server since proxy authorization is not
supported)
• secProp, the security properties
• realm, the Kerberos realm
• flags
The expected values depend on the supported
mechanism. The
-o
can be used multiple times
to pass all of the required SASL information for
the mechanism. For example:
-o "mech=DIGEST-MD5" -o "authzid=test_user" -
o "authid=test_user"
Table 6.21. SASL Options
See
SASL Options
for
ldapsearch
for information on how to use SASL options with
ldappasswd
.
Examples
The following examples provide show how to perform various tasks using the
ldappasswd
command.
The Directory Manager changes the password of the user
uid=tuser1,ou=People,dc=example,dc=com
to new_password over SSL.
Содержание 8.1
Страница 8: ...viii ...
Страница 14: ...xiv ...
Страница 16: ...2 ...
Страница 250: ...236 ...
Страница 334: ...320 ...
Страница 372: ...358 ...