MyWebUniversity.com Home Page
 



Darwin Mac OS X man pages main menu 
dsconfigldap(1)           BSD General Commands Manual          dsconfigldap(1)

NAME
     dsconfigldap -- LDAP server config/binding add/remove tool.

SYNOPSIS
     dsconfigldap [-fvixsgme] -a servername [-n configname] [-c computerid]
                  [-u username] [-p password] [-l username] [-q password]

     dsconfigldap [-fvi] -r servername [-u username] [-p password]
                  [-l username] [-q password]

                  options:
                        -f             force the binding/unbinding
                        -v             verbose logging to stdout
                        -i             prompt for passwords as required
                        -x             choose SL connection
                        -s             enforce secure authentication only
                        -g             enforce packet signing security policy
                        -m             enforce man-in-middle security policy
                        -e             enforce encryption security policy
                        -h             display usage statement

                  parameters:
                        -a servername  add config of servername
                        -r servername  remove config of servername
                        -n configname  name given to LDAP server config
                        -c computerid  name used if binding to directory
                        -u username    privileged network username
                        -p password    privileged network user password
                        -l username    local admin username
                        -q password    local admin password

DESCRIPTION
     dsconfigldap allows addition or removal of LDAP server configurations in
     Directory Services. Presented below is a discussion of possible parame-
     ters. Usage has three intents: add server config, remove server config,
     or display help.

     Options list and their descriptions:

     -f       Bindings will be established or dropped in conjunction with the
              addition or removal of the LDAP server configuration.

     -v       This enables the logging to stdout of the details of the opera-
              tions. This can be redirected to a file.

     -i       You will be prompted for a password to use in conjunction with a
              specified username.

     -s       This ensures that no clear text passwords will be sent to the
              LDAP server during authentication.  This will only be enabled if
              the server supports non-cleartext methods.

     -e       This ensures that if the server is capable of supporting encryp-
              tion methods (i.e., SL or Kerberos) that encryption will be
              enforced at all times via policy.

     -m       This ensures that man-in-the-middle capabilities will be
              enforced via Kerberos, if the server supports the capability.

     -g       This ensures that packet signing capabilities will be enforced
              via Kerberos, if the server supports the capability.

     -x       Connection to the LDAP server will only be made over SL.

     -h       Display usage statement.

     Parameters list and their descriptions:

     -a servername
              This is either the fully qualified domain name or correct IP
              address of the LDAP server to be added to the DirectoryService
              LDAPv3 configuration.

     -r servername
              This is either the fully qualified domain name or correct IP
              address of the LDAP server to be removed from the DirectorySer-
              vice LDAPv3 configuration.

     -n configname
              This is the UI configuration label that is to be given the LDAP
              server configuration.

     -c computerid
              This is the name to be used for directory binding to the LDAP
              server. If none is given the first substring, before a period,
              of the hostname (the defined environment variable "HOST") is
              used.

     -u username
              Username of a privileged network user to be used in authenti-
              cated directory binding.

     -p password
              Password for the privileged network user.  If this is not speci-
              fied, you will be prompted for a password.

     -l username
              Username of a local administrator.

     -q password
              Password for the local administrator.  If this is not specified,
              you will be prompted for a password.

EXAMPLES
     -add a LDAP server config
              dsconfigldap -v -a myldap.company.com The LDAP server config for
              the LDAP server myldap.company.com will be added. If authenti-
              cated directory binding is required by the LDAP server, then
              this call will fail. Otherwise, the following parameters config-
              name, computerid, and local admin name will respectively pick up
              these defaults: ip address of the LDAP servername, substring up
              to first period of fully qualified hostname, and username of the
              user in the shell this tool was invoked.

     -remove a LDAP server config
              dsconfigldap -v -r myldap.company.com The LDAP server config for
              the LDAP server myldap.company.com will be removed but not
              unbound since no network user credentials were supplied.  The
              local admin name will be the username of the user in the shell
              this tool was invoked.

Mac OS                            May 07 2004                           Mac OS
Darwin Mac OS X man pages main menu
Contact us      |       About us      |       Term of use      |       Copyright © 2000-2010 MyWebUniversity.com ™