Skip Headers
Oracle® Identity Management User Reference
10g Release 2 (10.1.2)
B15883-01
  Go To Documentation Library
Home
Go To Product List
Solution Area
Go To Table Of Contents
Contents
Go To Index
Index

Previous
Previous
Next
Next
 

4.7 ldapbind

The ldapbind command-line tool enables you to see whether you can authenticate a client to a server.

4.7.1 Syntax for ldapbind

ldapbind -h oid_hostname -D "binddn" -w password [-p ldap_port] [-V ldap_version] [-n] [-O "auth"] [-Y "DIGEST-MD5|EXTERNAL"] [-R SASL_realm]  [-U SSL_auth_mode {-W wallet_location -P wallet_password}] [-E character_set]

4.7.2 Arguments for ldapbind

-h oid_hostname

Required. The host name or IP address of the Oracle Internet Directory server.

-D "binddn"

Required. The DN of the Oracle Internet Directory user needed to bind to the directory (for example, cn=orcladmin).

-w password

Required. The user password needed to bind to the directory.

-p ldap_port

Optional. The port number used to connect to the Oracle Internet Directory server. Defaults to port 389.

-V ldap_version

Optional. The version of the LDAP protocol to use. Allowed values are 2 or 3. Defaults to 3 (LDAP v3).

-O "auth"

Optional. Specifies SASL security properties. The security property supported is -O "auth". This security property is for DIGEST-MD5 SASL mechanism. It enables authentication with no data integrity or data privacy.

-Y "DIGEST-MD5 | EXTERNAL"

Optional. Specifies a Simple Authentication and Security Layer (SASL) mechanism. The following mechanisms are supported:

  • DIGEST-MD5

  • EXTERNAL - The SASL authentication in this mechanism is done on top of two-way SSL authentication. In this case the identity of the user stored in the SSL wallet is used for SASL authentication.

-R SASL_realm

Optional. A SASL realm.

-U SSL_auth_mode

Optional. The SSL authentication mode:

  • 1 for no authentication required.

  • 2 for one way authentication required. You must also supply a wallet location and wallet password.

  • 3 for two way authentication required. You must also supply a wallet location and wallet password.

-W wallet_location

Required if using one way or two way SSL authentication (-U 2|3). The location of the wallet file that contains the server's SSL certificates.

Example for UNIX:

-W "file:/home/my_dir/my_wallet"

Example for Microsoft Windows:

-W "file:C:\my_dir\my_wallet"

-P wallet_password

Required if using one way or two way SSL authentication (-U 2|3). The wallet password for the wallet specified in the -W argument.

-E character_set

Optional. The native character set encoding. Defaults to the character set of the user's terminal. Each supported character set has a unique acronym, for example, WE8MSWIN1252, JA16SJIS, or AL32UTF8.

4.7.3 Tasks and Examples for ldapbind

Using the ldapbind tool, you can perform the following task:

4.7.3.1 Validating Authentication Credentials

The following example shows how to validate the authentication credentials used to bind to the directory server when using SSL.

Example:

ldapbind -h myhost.company.com -D "cn-orcladmin" -w password -p 636 -U 2  -W "file:/home/my_dir/my_wallet" -P password

4.7.4 Related Command-Line Tools for ldapbind

  • N/A