LinuxGuruz
  • Last 5 Forum Topics
    Replies
    Views
    Last post


The Web Only This Site
  • BOOKMARK

  • ADD TO FAVORITES

  • REFERENCES


  • MARC

    Mailing list ARChives
    - Search by -
     Subjects
     Authors
     Bodies





    FOLDOC

    Computing Dictionary




  • Text Link Ads






  • LINUX man pages
  • Linux Man Page Viewer


    The following form allows you to view linux man pages.

    Command:

    slapacl

    
    
    

    SYNOPSIS

           /usr/sbin/slapacl   -b DN  [-d debug-level]  [-D authcDN |  -U authcID]
           [-f slapd.conf]    [-F confdir]    [-o option[=value]]    [-u]     [-v]
           [-X authzID | -o  authzDN=DN] [attr[/access][:value]] [...]
    
    
    

    DESCRIPTION

           slapacl  is  used to check the behavior of slapd(8) by verifying access
           to directory data according  to  the  access  control  list  directives
           defined in its configuration.  It opens the slapd.conf(5) configuration
           file or the slapd-config(5)  backend,  reads  in  the  access/olcAccess
           directives, and then parses the attr list given on the command-line; if
           none is given, access to the entry pseudo-attribute is tested.
    
    
    

    OPTIONS

           -b DN  specify the DN which access is requested to;  the  corresponding
                  entry is fetched from the database, and thus it must exist.  The
                  DN is also used to determine what rules apply; thus, it must  be
                  in the naming context of a configured database.  See also -u.
    
           -d debug-level
                  enable  debugging  messages  as  defined by the specified debug-
                  level; see slapd(8) for details.
    
           -D authcDN
                  specify a DN to be used as identity  through  the  test  session
                  when selecting appropriate <by> clauses in access lists.
    
           -f slapd.conf
                  specify an alternative slapd.conf(5) file.
    
           -F confdir
                  specify  a  config  directory.  If both -f and -F are specified,
                  the config file will be read and converted to  config  directory
                  format  and  written  to  the  specified  directory.  If neither
                  option is specified, an  attempt  to  read  the  default  config
                  directory  will  be made before trying to use the default config
                  file. If a valid config directory exists then the default config
                  file is ignored.
    
           -o option[=value]
                  Specify  an  option  with a(n optional) value.  Possible generic
                  options/values are:
    
                         syslog=<subsystems>  (see '-s' in slapd(8))
                         syslog-level=<level> (see '-S' in slapd(8))
                         syslog-user=<user>   (see '-l' in slapd(8))
    
                  Possible options/values specific to slapacl are:
    
                         authzDN
    
                  rules  that depend on the contents of the target object will not
                  behave as with the real object.  The DN given with the -b option
                  is  still  used  to select what rules apply; thus, it must be in
                  the naming context of a configured database.  See also -b.
    
           -U authcID
                  specify an ID to be mapped to a DN as by means  of  authz-regexp
                  or authz-rewrite rules (see slapd.conf(5) for details); mutually
                  exclusive with -D.
    
           -v     enable verbose mode.
    
           -X authzID
                  specify an authorization ID to be mapped to a DN as by means  of
                  authz-regexp  or  authz-rewrite  rules  (see  slapd.conf(5)  for
                  details); mutually exclusive with -o authzDN=DN.
    
    
    

    EXAMPLES

           The command
    
                /usr/sbin/slapacl -f /etc/openldap/slapd.conf -v \
                       -U bjorn -b "o=University of Michigan,c=US" \
                    "o/read:University of Michigan"
    
           tests whether the user bjorn can access the attribute o  of  the  entry
           o=University of Michigan,c=US at read level.
    
    
    

    SEE ALSO

           ldap(3), slapd(8), slaptest(8), slapauth(8)
    
           "OpenLDAP Administrator's Guide" (http://www.OpenLDAP.org/doc/admin/)
    
    
    

    ACKNOWLEDGEMENTS

           OpenLDAP  Software  is developed and maintained by The OpenLDAP Project
           <http://www.openldap.org/>.  OpenLDAP Software is derived from  Univer-
           sity of Michigan LDAP 3.3 Release.
    
    
    

    OpenLDAP 2.4.40 2014/09/20 SLAPACL(8C)

    
    
  • MORE RESOURCE


  • Linux

    The Distributions





    Linux

    The Software





    Linux

    The News



  • MARKETING






  • Toll Free

webmaster@linuxguruz.com
Copyright © 1999 - 2016 by LinuxGuruz