Mac OS X Manual Page For slapauth(8)

ADC Home > Reference Library > Reference > Mac OS X > Mac OS X Man Pages

This document is a Mac OS X manual page. Manual pages are a command-line technology for providing documentation. You can view these manual pages locally using the man(1) command. These manual pages come from many different sources, and thus, have a variety of writing styles.

For more information about the manual page format, see the manual page for manpages(5).


SLAPAUTH(8C)                                                                                    SLAPAUTH(8C)



NAME
       slapauth - Check a list of string-represented IDs for authc/authz.

SYNOPSIS
       /BinaryCache/OpenLDAP/OpenLDAP-106~5/Root/usr/sbin/slapauth  [-v]  [-d  level]  [-f  slapd.conf]  [-F
       confdir] [-M mech] [-R realm] [-U authcID] [-X authzID] ID [...]


DESCRIPTION
       Slapauth is used to check the behavior of the slapd in  mapping  identities  for  authentication  and
       authorization  purposes,  as  specified  in  slapd.conf(5).  It opens the slapd.conf(5) configuration
       file, reads in the authz-policy and authz-regexp directives, and then parses the ID list given on the
       command-line.


OPTIONS
       -v     enable verbose mode.

       -d level
              enable debugging messages as defined by the specified level.

       -f slapd.conf
              specify an alternative slapd.conf(5) file.

       -F confdir
              specify a config directory.  If both -f and -F are specified, the config file will be read and
              converted to config directory format and written  to  the  specified  directory.   If  neither
              option  is specified, an attempt to read the default config directory will be made before try-ing trying
              ing to use the default config file. If a valid config directory exists then the default config
              file is ignored.

       -M mech
              specify a mechanism.

       -R realm
              specify a realm.

       -U authcID
              specify  an  ID  to  be  used  as  authcID throughout the test session.  If present, and if no
              authzID is given, the IDs in the ID list are treated as authzID.

       -X authzID
              specify an ID to be used as authzID throughout the test session.  If present, and if no  auth-cID authcID
              cID  is given, the IDs in the ID list are treated as authcID.  If both authcID and authzID are
              given via command line switch, the ID list cannot be present.

EXAMPLES
       The command

            /BinaryCache/OpenLDAP/OpenLDAP-106~5/Root/usr/sbin/slapauth -f //etc/openldap/slapd.conf -v \
                   -U bjorn -X u:bjensen

       tests whether the user bjorn can assume the identity of the user bjensen provided the directives

            authz-policy from
            authz-regexp "^uid=([^,]+).*,cn=auth$"
                 "ldap:///dc=example,dc=net??sub?uid=$1"

       are defined in slapd.conf(5).

SEE ALSO
       ldap(3), slapd(8) slaptest(8)

       "OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)

ACKNOWLEDGEMENTS
       OpenLDAP is developed and maintained by The OpenLDAP Project (http://www.openldap.org/)  OpenLDAP is
       derived from University of Michigan LDAP 3.3 Release.



OpenLDAP 2.3.27                                  2006/08/19                                     SLAPAUTH(8C)

Did this document help you?
Yes: Tell us what works for you. It’s good, but: Report typos, inaccuracies, and so forth. It wasn’t helpful: Tell us what would have helped.