LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

341

342

343

344

345

346

347

348

349

350

When the -L option is specified, the -m option is ignored, and the

attr parameter list is invalid.

-P Prompts for the user’s bind DN and password. Without -P,

ldaphostlist attempts to bind to the directory server using the

environment variables LDAP_BINDDN and LDAP_BINDCRED. Or

if those were not specified, the bind will be anonymous or as the

LDAP-UX proxy user, if configured.

-Z Requires an SSL connection to the directory server, even if the

LDAP-UX configuration does not require the use of SSL. Use of -Z

requires that either a valid server or CA certificate be defined in

the /etc/opt/ldapux/cert8.db file. An error occurs if the SSL

connection could not be established. For more information about

how ldaphostlist binds to the directory server, see

Section 9.3.9.5 (page 346).

-ZZ Attempts a TLS connection to the directory server, even if the

LDAP-UX configuration does not require the use of TLS. If a TLS

connection cannot be established, a nonTLS and nonSSL connection

is established. Using -ZZ is not recommended (use -Z or -ZZZ

instead) unless alternative methods are used to protect against

network eavesdropping. Use of -ZZ requires that either a valid

server or CA certificate be defined in the /etc/opt/ldapux/

cert8.db file. For more information about how ldaphostlist

binds to the directory server, see Section 9.3.9.5 (page 346).

-ZZZ Requires a TLS connection to the directory server, even if the

LDAP-UX configuration does not require the use of TLS. Use of -ZZZ

requires that either a valid server or CA certificate be defined in

the /etc/opt/ldapux/cert8.db file. An error occurs if the TLS

connection could not be established. For more information about

how ldaphostlist binds to the directory server, see

Section 9.3.9.5 (page 346).

-v Displays additional information used to analyze and troubleshoot

usage issues. If attributes from a requested attr list are not

displayed as expected, -v might provide additional information.

-h servername Specifies the host name and optional port number (hostname:port)

of the directory server where the hosts are managed. This option

overrides the server list configured by LDAP-UX. The hostname

field also supports specification of IPv4 and IPv6 addresses. If you

specify a port for an IPv6 address, the IPv6 address must be

specified in square-bracketed form. If the optional port is

unspecified, the port number is assumed to be 389 or 636 for SSL

connections ( -Z). For additional information, see Section 9.3.9.5

(page 346).

-p port Specifies the port number of the directory server to contact. This

option is ignored if the port number is specified in the servername

as part of the -h option. For information about impacts when using

this option, see Section 9.3.8.4 (page 337).

If the ! option is specified, the host is removed as a member from

the specified group. If the ! is specified by itself, the host is

removed from all groups of which it is a member.

342 Command and tool reference