Oracle® Identity Management User Reference
10g Release 2 (10.1.2) B15883-01 |
|
Previous |
Next |
The ldapcompare
command-line tool enables you to compare an attribute value that you specify on the command line to the attribute value in a directory entry.
ldapcompare -h oid_hostname -D "binddn" -w password [-Y "proxy_dn"] [-p ldap_port] -a attribute_name -b "basedn" -v "attribute_value" [-U SSL_auth_mode {-W wallet_location -P wallet_password}] [-d debug_level] [-E character_set]
-h oid_hostname
Required. The host name or IP address of the Oracle Internet Directory server.
-D "binddn"
Required. The DN of the Oracle Internet Directory user needed to bind to the directory (for example, cn=orcladmin
).
-w password
Required. The user password needed to bind to the directory.
-Y "proxy_dn"
Optional. The DN of a proxy user. After binding to the directory, the add operation will be performed as this user.
-p ldap_port
Optional. The port number used to connect to the Oracle Internet Directory server. Defaults to port 389.
-a attribute_name
Required. The attribute for which to perform the comparison of values.
-b "basedn"
Required. The DN of the entry for which to perform the comparison.
-v "attribute_value"
Required. The attribute value that you want to compare to the value in the entry.
-U SSL_auth_mode
Optional. The SSL authentication mode:
1
for no authentication required.
2
for one way authentication required. You must also supply a wallet location and wallet password.
3
for two way authentication required. You must also supply a wallet location and wallet password.
-W wallet_location
Required if using one way or two way SSL authentication (-U 2|3
). The location of the wallet file that contains the server's SSL certificates.
Example for UNIX:
-W "file:/home/my_dir/my_wallet"
Example for Microsoft Windows:
-W "file:C:\my_dir\my_wallet"
-P wallet_password
Required if using one way or two way SSL authentication (-U 2|3
). The wallet password for the wallet specified in the -W
argument.
-d debug_level
Optional. If not specified the default of 0 (not enabled) is used. Debug levels are additive. Add the numbers representing the functions that you want to activate, and use the sum of those in the command-line option. For example, to trace search filter processing (512) and active connection management (256), enter 768 as the debug level (512 + 256 = 768). Debug levels are as follows:
1 — Heavy trace debugging
128 — Debug packet handling
256 — Connection management, related to network activities
512 — Search filter processing
1024 — Entry parsing
2048 — Configuration file processing
8192 — Access control list processing
491520 — Log of communication with the database
524288 — Schema related operations
4194304 — Replication specific operations
8388608 — Log of entries, operations and results for each connection
16777216 — Trace function call arguments
67108864 — Number and identity of clients connected to this server
117440511 — All possible operations and data
-E character_set
Optional. The native character set encoding. Defaults to the character set of the user's terminal. Each supported character set has a unique acronym, for example, WE8MSWIN1252
, JA16SJIS
, or AL32UTF8
.
Using ldapcompare
you can perform the following task:
The following example shows how to check an entry for a person named Anne Smith to see if her title is Manager.
Example:
ldapcompare -h myhost.company.com -D "cn=orcladmin" -w password -p 389 -a title -b "cn=Anne Smith,ou=Sales,o=IMC,c=US" -v "Manager"