1SLAPAUTH(8C)                                                      SLAPAUTH(8C)
2
3
4

NAME

6       slapauth - Check a list of string-represented IDs for authc/authz.
7

SYNOPSIS

9       /usr/sbin/slapauth  [-v]  [-d  level]  [-f slapd.conf] [-F confdir] [-M
10       mech] [-R realm] [-U authcID] [-X authzID] ID [...]
11

DESCRIPTION

13       Slapauth is used to check the behavior of the slapd in mapping  identiā€
14       ties  for  authentication  and  authorization purposes, as specified in
15       slapd.conf(5).  It opens the slapd.conf(5) configuration file, reads in
16       the  authz-policy  and  authz-regexp directives, and then parses the ID
17       list given on the command-line.
18

OPTIONS

20       -v     enable verbose mode.
21
22       -d level
23              enable debugging messages as defined by the specified level.
24
25       -f slapd.conf
26              specify an alternative slapd.conf(5) file.
27
28       -F confdir
29              specify a config directory.  If both -f and  -F  are  specified,
30              the  config  file will be read and converted to config directory
31              format and written  to  the  specified  directory.   If  neither
32              option  is  specified,  an  attempt  to  read the default config
33              directory will be made before trying to use the  default  config
34              file. If a valid config directory exists then the default config
35              file is ignored.
36
37       -M mech
38              specify a mechanism.
39
40       -R realm
41              specify a realm.
42
43       -U authcID
44              specify an ID to be used as authcID throughout the test session.
45              If  present,  and if no authzID is given, the IDs in the ID list
46              are treated as authzID.
47
48       -X authzID
49              specify an ID to be used as authzID throughout the test session.
50              If  present,  and if no authcID is given, the IDs in the ID list
51              are treated as authcID.  If both authcID and authzID  are  given
52              via command line switch, the ID list cannot be present.
53

EXAMPLES

55       The command
56
57            /usr/sbin/slapauth -f //etc/openldap/slapd.conf -v \
58                   -U bjorn -X u:bjensen
59
60       tests  whether  the  user  bjorn  can  assume  the identity of the user
61       bjensen provided the directives
62
63            authz-policy from
64            authz-regexp "^uid=([^,]+).*,cn=auth$"
65                 "ldap:///dc=example,dc=net??sub?uid=$1"
66
67       are defined in slapd.conf(5).
68

SEE ALSO

70       ldap(3), slapd(8) slaptest(8)
71
72       "OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
73

ACKNOWLEDGEMENTS

75       OpenLDAP  is  developed  and  maintained  by   The   OpenLDAP   Project
76       (http://www.openldap.org/).   OpenLDAP  is  derived  from University of
77       Michigan LDAP 3.3 Release.
78
79
80
81OpenLDAP 2.3.34                    2007/2/16                      SLAPAUTH(8C)
Impressum