Apple oxs Server User Manual


 
Chapter 14 Working With Open Directory 157
LDAP
Configuring LDAP
The following tools are available for configuring LDAP. For more information, see the
man page for each tool.
slapconfig
You can use the slapconfig utility to configure the slapd and slurpd LDAP daemons
and related search policies. For more information, type man slapconfig to see the
man page.
Standard Distribution Tools
These tools are included in the standard LDAP distribution.
A Note on Using ldapsearch
The ldapsearch tool connects to an LDAP server, binds to it, finds entries, and returns
attributes of the entries found.
By default, ldapsearch tries to connect to the LDAP server using the Simple
Authentication and Security Layer (SASL) method. If the server doesn’t support this
method, you see this error message:
ldap_sasl_interactive_bind_s: No such attribute (16)
To avoid this, include the -x option when you type the command. For example:
ldapsearch -h 192.168.100.1 -b "dc=ecxample,dc=com" -x
Program Used to
/usr/bin/ldapadd Add entries to the LDAP directory.
/usr/bin/ldapcompare Compare a directory entry’s actual attributes with known
attributes.
/usr/bin/ldapdelete Delete entries from the LDAP directory.
/usr/bin/ldapmodify Change an entry’s attributes.
/usr/bin/ldapmodrdn Change an entry’s relative distinguished name (RDN).
/usr/bin/ldappasswd Set the password for an LDAP user.
Apple recommends using passwd instead of ldappasswd. For
more information, type man passwd.
/usr/bin/ldapsearch Search the LDAP directory. See the usage note under “A Note on
Using ldapsearch” on this page.
/usr/bin/ldapwhoami Obtain the primary authorization identity associated with a user.
/usr/sbin/slapadd Add entries to the LDAP directory.
/usr/sbin/slapcat Export LDAP Directory Interchange Format files.
/usr/sbin/slapindex Regenerate directory indexes.
/usr/sbin/slappasswd Generate user password. hashes.
LL2354.book Page 157 Monday, October 20, 2003 9:47 AM