LDAP-UX Client Services B.04.15 Administrator's Guide

-D <binddn>
Specifies the Distinguished Name (DN) of an administrator who has
permissions to read and modify the LDAP directory server schema.
-j <filename>
Specifies a file containing the administrator's password (for simple authentication).
-w -
Inputs the administrator's password from the prompt (for simple
authentication).
-Z
Establishes an SSL-encrypted connection.
-ZZ
Specifies StartTLS request.
-ZZZ
Enforces StartTLS request (requires successful server response).
-P path
Specifies path to SSL certificate database. (Default: /etc/opt/ldapux)
-3
Verifies the host name in SSL certificates.
-s-
Disables syntax substitution in attribute types. Normally, if an attribute
type uses an LDAP syntax not supported on the LDAP directory server, it
is mapped to use a higher level (more inclusive) syntax supported by that
server. If this option is specified, any attribute types that use unsupported
LDAP syntax will not be added to the LDAP directory server schema. See
the “Mapping Unsupported Matching Rules and LDAP Syntaxes” (page 219)
section for more details.
-m-
Disables matching rule substitution in attribute types. Normally, if an
attribute type uses a matching rule not supported on the LDAP directory
server, it is mapped to use a higher level (less specific) matching rule
supported by that server. If this option is specified, any attribute types that
use unsupported matching rules will not be added to the LDAP directory
server schema. See the “Mapping Unsupported Matching Rules and LDAP
Syntaxes” (page 219) section for more details.
-f <filename>
Stores schema extension instructions in the specified file (usually in LDIF
format). Does not apply any changes to the LDAP directory server schema.
This option requires specifying the -e option.
-F
Forces installation of schema even if it contains any invalid attribute type
or object class definitions, or some components specified in the schema file
are already present in the LDAP directory server.
6.5.3.2 Security
For security reasons, the LDAP administrator's password may not be specified on the command
line. It can be specified at the prompt (-w - option), in a file (-j <filename> option), or using the
LDAP_BINDCRED environment variable described in the “Environment Variables” section
below.
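As an added example (not part of the guide): a POSIX shell pre-flight check for the password file given to -j, plus the bind options from this section that require StartTLS and host name verification. The function names and the file path passed in are hypothetical, and the schema utility itself is not invoked.

```shell
#!/bin/sh
# Added example, not from the guide. Function names are hypothetical.

# cred_file_ok FILE
# Succeeds only if FILE is a regular file (not a symbolic link), owned by
# the invoking user, with no group or other permission bits set.
cred_file_ok() {
    f=$1
    if [ -z "$f" ]; then echo "no password file given" >&2; return 1; fi
    if [ -h "$f" ]; then echo "$f: is a symbolic link" >&2; return 1; fi
    if [ ! -f "$f" ]; then echo "$f: not a regular file" >&2; return 1; fi
    # POSIX long listing with numeric ids: mode, link count, uid, ...
    read -r mode links uid rest <<EOF
$(ls -ldn -- "$f")
EOF
    if [ "$uid" != "$(id -u)" ]; then
        echo "$f: not owned by uid $(id -u)" >&2; return 1
    fi
    case $mode in
        ????------*) ;;   # e.g. -rw------- or -r--------
        *) echo "$f: mode $mode allows group/other access" >&2; return 1 ;;
    esac
    return 0
}

# secure_bind_args BINDDN PWFILE [CERTDB]
# Prints, one argument per line, the bind options from this section that keep
# the password off the command line (-j) and require a verified TLS session
# (-ZZZ, -3). CERTDB defaults to the documented /etc/opt/ldapux.
secure_bind_args() {
    cred_file_ok "$2" || return 1
    printf '%s\n' -D "$1" -j "$2" -ZZZ -3 -P "${3:-/etc/opt/ldapux}"
}
```

The check and the later use of the file are separate steps, so keep the file in a directory that only the administrator can write to.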
6.5 Schema Extension Utility 207