slapd man page on OpenDarwin

Man page or keyword search:  
man Server   3202 pages
apropos Keyword Search (all sections)
Output format
OpenDarwin logo
[printable version]

SLAPD(8C)							     SLAPD(8C)

       slapd - Stand-alone LDAP Daemon

       /usr/libexec/slapd [-[4|6]] [-d debug-level] [-f slapd-config-file] [-h
       URLs] [-n service-name] [-s syslog-level]  [-l  syslog-local-user]  [-r
       directory] [-u user] [-g group] [-t]

       Slapd  is  the stand-alone LDAP daemon. It listens for LDAP connections
       on any number of ports (default 389), responding to the LDAP operations
       it receives over these connections.  slapd is typically invoked at boot
       time, usually out of /etc/rc.local.  Upon startup, slapd normally forks
       and  disassociates  itself  from	 the  invoking	tty.  If configured in
       /etc/openldap/slapd.conf, the slapd process will print its process ID (
       see  getpid(2)  )  to  a .pid file, as well as the command line options
       during invocation to an .args file ( see slapd.conf(5) ).   If  the  -d
       flag  is given, even with a zero argument, slapd will not fork and dis‐
       associate from the invoking tty.

       Slapd can be configured to provide replicated service  for  a  database
       with the help of slurpd, the standalone LDAP update replication daemon.
       See slurpd(8) for details.

       See the "OpenLDAP Administrator's Guide" for more details on slapd.

       -4     Listen on IPv4 addresses only.

       -6     Listen on IPv6 addresses only.

       -d debug-level
	      Turn on debugging as defined by debug-level.  If this option  is
	      specified,  even	with  a	 zero argument, slapd will not fork or
	      disassociate from the invoking terminal.	Some general operation
	      and  status  messages  are printed for any value of debug-level.
	      debug-level is taken as a bit string, with each bit  correspond‐
	      ing  to a different kind of debugging information.  See <ldap.h>
	      for details.  Remember that if you turn on packet logging, pack‐
	      ets containing bind passwords will be output, so if you redirect
	      the log to a logfile, that file should be read-protected.

       -s syslog-level
	      This option tells	 slapd	at  what  level	 debugging  statements
	      should be logged to the syslog(8) facility.

       -n service-name
	      Specifies	 the  service  name  for  logging  and other purposes.
	      Defaults to basename of argv[0], i.e.: "slapd".

       -l syslog-local-user
	      Selects the local user of the syslog(8) facility. Values can  be
	      LOCAL0, LOCAL1, and so on, up to LOCAL7.	The default is LOCAL4.
	      However, this option is only permitted on systems	 that  support
	      local users with the syslog(8) facility.

       -f slapd-config-file
	      Specifies	  the	slapd	configuration  file.  The  default  is

       -h URLlist
	      slapd will by default serve  ldap:///  (LDAP  over  TCP  on  all
	      interfaces  on  default LDAP port).  That is, it will bind using
	      INADDR_ANY and port 389.	The -h option may be used  to  specify
	      LDAP (and other scheme) URLs to serve.  For example, if slapd is
	      given -h "ldap:// ldaps:/// ldapi:///" , It  will
	      bind for LDAP, for LDAP over TLS, and
	      LDAP over IPC (Unix domain sockets).   Host  represents
	      INADDR_ANY.   A  space  separated list of URLs is expected.  The
	      URLs should be of LDAP (ldap://) or LDAP over TLS (ldaps://)  or
	      LDAP  over  IPC (ldapi://) scheme without a DN or other optional
	      parameters, except an experimental  extension  to	 indicate  the
	      permissions  of  the underlying socket, on those OSes that honor
	      them.  Support for the latter two schemes	 depends  on  selected
	      configuration  options.	Hosts may be specified by name or IPv4
	      and IPv6 address formats.	 Ports, if specfied, must be  numeric.
	      The default ldap:// port is 389 and the default ldaps:// port is
	      636.  The socket permissions for LDAP over IPC are indicated  by
	      "x-mod=-rwxrwxrwx",  "x-mod=0777"	 or  "x-mod=777", where any of
	      the "rwx" can be "-" to suppress the related  permission	(note,
	      however,	that sockets only honor the "w" permission), while any
	      of the "7" can be any legal octal digit, according to chmod(1).

       -r directory
	      Specifies a chroot "jail" directory.  slapd will	chdir(2)  then
	      chroot(2)	 to  this directory after opening listeners but before
	      reading any configuration file or initializing any backend.

       -u user
	      slapd will run slapd with the specified user  name  or  id,  and
	      that  user's  supplementary  group access list as set with init‐
	      groups(3).  The group ID is also changed	to  this  user's  gid,
	      unless the -g option is used to override.

       -g group
	      slapd will run with the specified group name or id.

       Note  that  on some systems, running as a non-privileged user will pre‐
       vent passwd back-ends from accessing  the  encrypted  passwords.	  Note
       also  that any shell back-ends will run as the specified non-privileged

       -t     slapd will read the configuration file (the default if  none  is
	      given  with the -f switch) and check its syntax, without opening
	      any listener or database.

       To start slapd and have it fork and detach from the terminal and	 start
       serving	the  LDAP  databases  defined in the default config file, just


       To start slapd with an alternate configuration file, and turn on	 volu‐
       minous debugging which will be printed on standard error, type:

	    /usr/libexec/slapd -f /var/tmp/slapd.conf -d 255

       To test whether the configuration file is correct or not, type:

	    /usr/libexec/slapd -t

       ldap(3), slapd.conf(5), slapd.access(5), slurpd(8)

       "OpenLDAP Administrator's Guide" (


       OpenLDAP	  is   developed   and	maintained  by	The  OpenLDAP  Project
       (  OpenLDAP is	 derived  from	University  of
       Michigan LDAP 3.3 Release.

OpenLDAP 2.1.X			  RELEASEDATE			     SLAPD(8C)

List of man pages available for OpenDarwin

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net