LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

271

272

273

274

275

276

277

278

279

280

-P Prompts for the user’s bind DN and password. Without -P,

ldaphostlist attempts to bind to the directory server using the

environment variables LDAP_BINDDN and LDAP_BINDCRED.

Or if those were not specified, the bind will be anonymous or as

the LDAP-UX proxy user, if configured.

-Z

Requires an SSL connection to the directory server, even if the

ldapux(5) configuration does not require the use of SSL. Use of

-Z requires that either a valid server or CA certificate be defined

in the /etc/opt/ldapux/cert8.db file. An error occurs if the

SSL connection could not be established. See Section 7.3.9.5

(page 283) for additional details.

-ZZ

Attempts a TLS connection to the directory server, even if the

ldapux(5) configuration does not require the use of TLS. If a TLS

connection cannot be established, a non-TLS and non-SSL

connection is established. Using -ZZ is not recommended (use -Z

or -ZZZ instead) unless alternative methods are used to protect

against network eavesdropping. Use of -ZZ requires that either

a valid server or CA certificate be defined in the /etc/opt/

ldapux/cert8.db file. See Section 7.3.9.5 (page 283) for additional

details.

-ZZZ

Requires a TLS connection to the directory server, even if the

ldapux(5) configuration does not require the use of TLS. Use of

-ZZZ requires that either a valid server or CA certificate be defined

in the /etc/opt/ldapux/cert8.db file. An error occurs if the

TLS connection could not be established. See Section 7.3.9.5

(page 283) for additional details.

-v

Displays additional information used to analyze and troubleshoot

usage issues. If attributes from a requested attr list are not

displayed as expected, -v may provide additional information.

-h servername

Specifies the host name and optional port number

(hostname:port) of the directory server where the hosts are

managed. This option overrides the server list configured by

ldapux(5). The hostname field also supports specification of IPv4

and IPv6 addresses. If you specify a port for an IPv6 address, the

IPv6 address must be specified in square-bracketed form. If the

optional port is unspecified, the port number is assumed to be 389

or 636 for SSL connections ( -Z). Refer to “Binding to the Directory

Server” below for additional details.

-p port

Specifies the port number of the directory server to contact. This

option is ignored if the port number is specified in the

servername as part of the -h option. Refer to the Binding to the

Directory Server section for additional details.

If the ! option is specified, the host is removed as a member from

the specified group. If the ! is specified by itself, the host is

removed from all groups of which it is a member.

-n hostname

Provides a simplified method for discovering a single host. Use

of -n is the same as -f “(cn=name)”. If -n is used, the -g, -F

and -f options cannot be specified on the command line.

-g groupname

Limits the hosts returned to those that are also members of the

specified group. The LDAP group is discovered by searching for

any entries under the default base (as configured in the LDAP-UX

7.3 LDAP user and group management tools 279