Specifications
These tools are included in the standard OpenLDAP distribution:
Tool Used to
/usr/bin/ldapadd
Add entries to the LDAP directory.
/usr/bin/ldapcompare
Compare a directory entry’s actual attributes with
known attributes.
/usr/bin/ldapdelete
Delete entries from the LDAP directory.
/usr/bin/ldapmodify
Change an entry’s attributes.
/usr/bin/ldapmodrdn
Change an entry’s relative distinguished name (RDN).
/usr/bin/ldappasswd
Set the password for an LDAP user.
Apple recommends using
passwd instead of
ldappasswd. For more information, see the
passwd man page.
/usr/bin/ldapsearch
Search the LDAP directory.
/usr/bin/ldapwhoami
Obtain the primary authorization identity
associated with a user.
/usr/sbin/slapadd
Add entries to the LDAP directory.
/usr/sbin/slapcat
Export LDAP Directory Interchange Format les.
/usr/sbin/slapindex
Regenerate directory indexes.
/usr/sbin/slappasswd
Generate user password hashes.
Idle Rebinding Options
The following LDAPv3 plug-in parameters are used in the le /Library/Preferences/
DirectoryService/DSLDAPv3PlugInCong.plist.
Delay Rebind
This parameter species how long the LDAP plug-in waits before attempting to
reconnect to a server that fails to respond. You can increase this value to prevent
continuous reconnection attempts.
<key>Delay Rebind Try in seconds<\key>
<integer>n<\integer>
You can nd this parameter in the DSLDAPv3PlugInCong.plist le near
<key>OpenClose Timeout in seconds<\key>. If not, add it there.
Idle Timeout
This parameter species how long the LDAP plug-in sits idle before disconnecting
from the server. You can adjust this value to reduce overloading the server’s
connections from remote clients.
<key>Idle Timeout in minutes<\key>
<integer>n<\integer>
200 Chapter 9 Maintaining Open Directory Services