Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   11362 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

LDAPD(8)		OpenBSD System Manager's Manual		      LDAPD(8)

NAME
     ldapd - Lightweight Directory Access Protocol daemon

SYNOPSIS
     ldapd [-dnv] [-D macro=value] [-f file] [-s file]

DESCRIPTION
     ldapd is a daemon which implements version 3 of the LDAP protocol.

     A running ldapd process can be controlled using the ldapctl(8) utility.

     The options are as follows:

     -D macro=value
	     Define macro to be set to value on the command line.  Overrides
	     the definition of macro in the configuration file.

     -d	     Do not daemonize and log to stderr.

     -f file
	     Use file as the configuration file, instead of the default
	     /etc/ldapd.conf.

     -n	     Configtest mode.  Only check the configuration file for validity.

     -s file
	     Specify an alternative location for the socket file.

     -v	     Produce more verbose output.  A second -v together with the -d
	     flag produces debug traces of decoded BER messages on stderr.

AUTHENTICATION
     ldapd can authenticate users via simple binds or SASL with the PLAIN
     mechanism.

     When using simple binds, the bind DN entry must exist in a namespace and
     have a userPassword attribute.  The following formats of the userPassword
     attribute are recognized:

     {SHA}digest
	     Verify the password against the SHA-1 digest.

     {SSHA}digest
	     Verify the password against the salted SHA-1 digest.

     {CRYPT}hash
	     Verify the password against the crypt(3) hash.

     {BSDAUTH}username
	     Use BSD Authentication with the given username and authentication
	     style ``auth-ldap''.  This is similar to using SASL PLAIN
	     authentication with username as the authentication ID.

     {BSDAUTH}username#class
	     Same as above, but overrides the login class.

     Without a prefix, the userPassword attribute is compared literally with
     the provided plain text password.

     When using SASL binds, the authentication ID should be a valid username
     for BSD Authentication.

     For plain text passwords to be accepted, the connection must be
     considered secure, either by using an encrypted connection, or by using
     the secure keyword in the configuration file.

FILES
     /etc/ldapd.conf		 default ldapd configuration file
     /var/run/ldapd.sock	 default ldapd control socket
     /var/db/ldap/*.db		 ldapd database files

SEE ALSO
     ldapd.conf(5), login.conf(5), ldapctl(8)

     Lightweight Directory Access Protocol (LDAP): The Protocol, RFC 4511,
     June 2006.

     Lightweight Directory Access Protocol (LDAP): Directory Information
     Models, RFC 4512, June 2006.

HISTORY
     The ldapd program first appeared in OpenBSD 4.8.

CAVEATS
     ldapd is not yet fully LDAPv3 compliant.

OpenBSD 4.9		       January 28, 2011			   OpenBSD 4.9

Vote for polarhome