HP-UX Directory Server 8.1 configuration, command, and file reference

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server

201

202

203

204

205

206

207

208

209

210

6.7.2 ldappasswd-specific options

Table 6-19 ldappasswd-specific options

DescriptionOption

Specifies that the command should prompt for the user's existing password.

-A

Specifies the user's existing password. For example:

-a old_password

-a

Specifies that the command should prompt for a new password for the user.

-S

Specifies a new password for the user. For example:

-S new_password

-s

Specifies a file from which to read the new password. For example:

-T new_password.txt

-T

Specifies a file from which to read the user's existing password. For example:

-t old_password.txt

-t

Specifies the password associated with the distinguished name specified in the -D option. For

example:

-w mypassword

-w

6.7.3 General ldappasswd options

NOTE:

The ldappasswd utility requires confidentiality. If the messages are not encrypted with SSL,

TLS, or an appropriate SASL mechanism, the server will not perform the request.

Table 6-20 General ldappasswd options

DescriptionOption

Specifies that host names should be checked in SSL certificates.

-3

Specifies the distinguished name with which to authenticate to the server. This value must be a DN

recognized by the Directory Server, and it must also have the authority to delete the entries. For

example:

-D "uid=bjensen, dc=example,dc=com"

The -D option cannot be used with the -N option.

For more information on access control, see the "Managing Access Control" chapter in the HP-UX

Directory Server administrator guide.

-D

Specifies that the password policy request control not be sent with the bind request. By default, the

new LDAP password policy request control is sent with bind requests.

The ldappasswd tool can parse and display information from the response control if it is returned

by a server; that is, the tool will print an appropriate error or warning message when a server sends

the password policy response control with the appropriate value.

The criticality of the request control is set to false to ensure that all LDAPv3 servers that do not

understand the control can ignore it. To suppress sending of the request control with the bind

request, include -g on the command-line.

-g

Specifies the name of the host on which the server is running. For example:

-h cyclops

The default is localhost.

-h

Specifies the SSL key password file that contains the token:password pair.-I

208 Command-line utilities