Common ldap Command Parameters
Explore the various command parameters frequently used in LDAP operations to enhance your understanding of LDAP queries and configurations. Mastering these common LDAP command parameters will empower you to efficiently manage and interact with LDAP directories.
Updated at July 27th, 2024
Date: 11-04-2022
The group of online LDAP command line utilities share a set of common parameters.
| Parameter | Description |
|---|---|
| -H ldapuri | BIND to the given ldapuri (server) |
| -Z[Z] | Use StartTLS to encrypt connection. -ZZ requires successful TLS validation for connection. |
| -D binddn | BIND using the given binddn. Ignored when using SASL |
| -x | Use simple (username/binddn + password) authentication instead of SASL |
| -W | Prompt for BIND password |
| -w password | BIND using password |
| -U authcid | Specify the authentication ID for SASL bind. The form of the ID depends on the actual SASL mechanism used. |
| -R realm | Specify the realm of authentication ID for SASL bind. The form of the realm depends on the actual SASL mechanism used. |
| -X | Specify the requested authorization ID for SASL bind. authzid must be one of the following formats: dn:<distinguished name> or u:<user‐name> |
| -Y saslmech | Specify the SASL mechanism to be used for authentication. |
| -v | Verbose output |
| -d debuglevel | Set the LDAP debugging level to debuglevel |
| -V[V] | Print version info. If -VV is given, exit after providing version info. |
Additional information can be found within the man pages for ldap commands (i.e. man ldapsearch)
See also: