|
-a <deref> |
Specifies how to handle the dereferencing
of an alias. It uses the following values:
-
Never—aliases are never dereferenced
when locating the base object or searching.
-
Always—aliases are always dereferenced
when locating the base object and searching.
-
Search—aliases are dereferenced when searching
subordinates of the base object but not when locating the base object.
-
Find—aliases are dereferenced when locating
the base object but not when search the subordinates of the base
object.
|
|
-A |
Retrieves attribute names only (no values). |
|
-b <basedn> |
Specifies the dn of the base container
where the search should begin |
|
-L |
Prints entries in LDIF format. |
|
-LL |
Prints entries in LDIF format without
comments. |
|
-LLL |
Prints entries in LDIF format without
comments and version. |
|
-s <scope> |
Specifies the extent of the scope and
use one of the following scope values:
-
base—search base object only
-
one—search the immediate subordinates of
the base object
-
sub—search the base object and all of its
subordinates
|
|
-S <attr> |
Sorts the results by the specified attribute. |
|
-t |
Writes binary values to files in TMPDIR. |
|
-tt |
Writes all values to files in TMPDIR. |
|
-T <path> |
Write files to directory specified by
path (default: "/tmp"). |
|
-u |
Includes User Friendly entry names in
the output. |
|
-V |
URL prefix for files. |
|
-V <prefix> |
Specifies the URL prefix for files (default:
"file://tmp/"). |
|
-z <limit> |
Specifies the maximum number of entries
to return in the search. |
|
Common Options
|
Description
|
|
-C |
Enable referral following. (anonymous
bind.) |
|
-CC |
Enable referral following. (authenticated
bind with same bind DN and password.) |
|
-d <level> |
Sets LDAP debugging to the specified
level. |
|
-D <binddn> |
Specifies the dn of the entry to use
in bind operations. |
|
-e <file> |
Specifies the certificate file to use
with an SSL bind. |
|
-E
|
Use the key file at /etc/opt/novell/certs/SSCert.der
for SSL bind.
NOTE:This option works only on Cypress Linux.
|
|
-f <file> |
Performs the sequence of searches listed
in the specified file. Each line specifies the parameters for one
search. |
|
-h <host> |
Specifies an alternate host on which
the LDAP server is running. |
|
-l <limit> |
Specifies the connection and search timeout
(in seconds). |
|
-M |
enable Manage DSA IT control. (non-critical) |
|
-MM |
enable Manage DSA IT control. (critical) |
|
-n |
Shows what would be done, but doesn’t
actually search the directory. |
|
-p <port> |
Specifies an alternate TCP port on which
the LDAP server is listening. |
|
-P <version> |
Specifies the LDAP version (2 or 3). |
|
-v |
Turns on verbose mode (diagnostics to
standard output). |
|
-w <passwd> |
Specifies the password to use for simple
authentication |
|
-W |
Prompts the user for bind password. |
|
-Z |
Starts TLS before binding to perform
the operation. If an error occurs during the Start TLS operation
the error is ignored and the operation continues. It is recommended
that the -ZZ option be used in place of this option to cause the operation
to abort if an error occurs.
If a port is specified with this with this option, it must
accept clear text connections.
To verify the server identity, this option should be used
in conjunction with the -e option to specify a server certificate
file to validate the server trusted root certificate when TLS is
started. If the -e option is not specified, any certificate from
the server will be accepted. |
|
-ZZ |
Starts TLS before binding to perform
the operation. If an error occurs during the Start TLS operation
the operation is aborted.
If a port is specified with this with this option, it must
accept clear text connections.
To verify server identity, this option should be used in conjunction
with the -e option to specify a server certificate file to validate
the server trusted root certificate when TLS is started. If the
-e option is not specified, any certificate from the server is accepted. |