ldapwhoami(1)

NAME

       ldapwhoami - LDAP who am i? tool

SYNOPSIS

       ldapwhoami  [-n] [-v] [-z] [-d debuglevel] [-D binddn] [-W] [-w passwd]
       [-y passwdfile] [-H ldapuri] [-h ldaphost] [-p ldapport]  [-O security-
       properties]   [-I]   [-Q]  [-U authcid]  [-R realm]  [-x]  [-X authzid]
       [-Y mech] [-Z[Z]]

DESCRIPTION

       ldapwhoami implements the LDAP "Who Am I?" extended operation.

       ldapwhoami opens a connection to an LDAP server, binds, and performs  a
       whoami operation.

OPTIONS

       -n     Show  what  would be done, but don't actually perform the whoami
              operation.  Useful for debugging in conjunction with -v.

       -v     Run in verbose mode, with many diagnostics written  to  standard
              output.

       -d debuglevel
              Set the LDAP debugging level to debuglevel.  ldapcompare must be
              compiled with LDAP_DEBUG defined for this  option  to  have  any
              effect.

       -x     Use simple authentication instead of SASL.

       -D binddn
              Use the Distinguished Name binddn to bind to the LDAP directory.

       -W     Prompt for simple authentication.  This is used instead of spec-
              ifying the password on the command line.

       -w passwd
              Use passwd as the password for simple authentication.

       -y passwdfile
              Use  complete  contents of passwdfile as the password for simple
              authentication.

       -H ldapuri
              Specify URI(s) referring to the ldap server(s).

       -h ldaphost
              Specify an alternate host on which the ldap server  is  running.
              Deprecated in favor of -H.

       -p ldapport
              Specify  an  alternate TCP port where the ldap server is listen-
              ing.  Deprecated in favor of -H.

       -P 2|3 Specify the LDAP protocol version to use.

       -O security-properties
              Specify SASL security properties.

       -I     Enable SASL Interactive mode.  Always  prompt.   Default  is  to
              prompt only as needed.

       -Q     Enable SASL Quiet mode.  Never prompt.

       -U authcid
              Specify  the authentication ID for SASL bind. The form of the ID
              depends on the actual SASL mechanism used.

       -R realm
              Specify the realm of authentication ID for SASL bind.  The  form
              of the realm depends on the actual SASL mechanism used.

       -X authzid
              Specify  the  requested authorization ID for SASL bind.  authzid
              must be one of the following formats: dn:<distinguished name> or
              u:<username>

       -Y mech
              Specify  the  SASL  mechanism  to be used for authentication. If
              it's not specified, the program will choose the  best  mechanism
              the server knows.

       -Z[Z]  Issue StartTLS (Transport Layer Security) extended operation. If
              you use -ZZ, the command will require the operation to  be  suc-
              cessful.

EXAMPLE

           ldapwhoami -x -D "cn=Manager,dc=example,dc=com" -W

SEE ALSO

       ldap.conf(5), ldap(3), ldap_extended_operation(3)

AUTHOR

       The OpenLDAP Project <http://www.openldap.org/>

ACKNOWLEDGEMENTS

       OpenLDAP   is   developed   and  maintained  by  The  OpenLDAP  Project
       (http://www.openldap.org/).  OpenLDAP is  derived  from  University  of
       Michigan LDAP 3.3 Release.

OpenLDAP 2.2.30                   2005/11/18                     LDAPWHOAMI(1)