Red Hat Directory Server 8.0 Configuration, Command, and File Reference
NOTE
The ldappasswd utility requires confidentiality. If the messages are not encrypted
with SSL, TLS, or an appropriate SASL mechanism, the server will not perform
the request.
Option Description
-3 Specifies that hostnames should be checked
in SSL certificates.
-D
Specifies the distinguished name with which
to authenticate to the server. This value must
be a DN recognized by the Directory Server,
and it must also have the authority to delete
the entries. For example:
-D "uid=bjensen, dc=example,dc=com"
The -D option cannot be used with the -N
option.
For more information on access control, see
the "Managing Access Control" chapter in the
Directory Server Administrator's Guide.
-g
Specifies that the password policy request
control not be sent with the bind request. By
default, the new LDAP password policy
request control is sent with bind requests.
The ldappasswd tool can parse and display
information from the response control if it is
returned by a server; that is, the tool will print
an appropriate error or warning message
when a server sends the password policy
response control with the appropriate value.
The criticality of the request control is set to
false to ensure that all LDAPv3 servers that
do not understand the control can ignore it. To
suppress sending of the request control with
the bind request, include -g on the
command-line.
-h Specifies the name of the host on which the
ldappasswd
229