man ldapvi (Commandes) - LDAP client
NAME
ldapvi - LDAP client
SYNOPSIS
ldapvi [OPTION]... [FILTER] [AD]...
DESCRIPTION
- ldapvi --diff FILE1 FILE2
Perform an LDAP search and update results using a text editor.
Connection options:
- -h, --host URL
- Server.
- -D, --user USER
- Search filter or DN: User to bind as.
- -w, --password SECRET
- USER's password.
Search parameters:
- -b, --base DN
- Search base.
- -s, --scope SCOPE
- Search scope. One of base|one|sub.
- -S, --sort KEYS
- Sort control (critical).
Miscellaneous options:
- -A, --add
- Don't search, start with empty file.
- -a, --deref
- never|searching|finding|always
- -M, --managedsait
- manageDsaIT control (critical).
- -Z, --starttls
- Require startTLS.
- -q, --quiet
- Disable progress output.
- -v, --verbose
- Note every update.
- -!, --noquestions
- Don't ask for confirmation.
- -H, --help
- This help.
Environment variables: VISUAL, EDITOR, PAGER.
User names can be specified as distinguished names:
- uid=foo,ou=bar,dc=acme,dc=com
or search filters:
- (uid=foo)
Note the parenthesis, which can be omitted from search filters usually, but are required here. For this searching bind to work your client library must be configured with appropriate default search parameters.
A special (offline) option is --diff, which compares two files and writes any changes to standard output in LDIF format.
REPORTING BUGS
Report bugs to "david@lichteblau.com".
FILE FORMAT
ldapvi uses an LDIF-like syntax, but not standard LDIF. For a precise definition, see `ldapvi-file' below. LDIF is defined in RFC 2849.
RFC 2849 modifies the language generated by its BNF grammar with the "Notes on LDIF Syntax" (2) and (3) presented there. These notes do not apply to ldapvi syntax as stated: Line folding and comments can be used, but are allowed specificially by our modified BNF, not hacked into the rules later. Line folding is allowed only in LDIF-compatible attribute values and comments. ldapvi files cannot be read line-by-line without knowing the encoding of those lines, since newlines are permitted in certain attribute value representations.
The following rules are used as defined in RFC 2849 and not reproduced here: AttributeDescription, SAFE-STRING, BASE64-STRING, SPACE.
Changes to the RFC 2849 BNF grammar
ldapvi-file = vspace ldif-attrval-record
*(vspace SEP vspace ldif-attrval-record) vspace
ldif-attrval-record = *(comment) dn-spec SEP 1*(*(comment) attrval-spec)
vspace = *(comment / sep) comment = "#" *(unescaped-char) *(SEP " " *(unescaped-char)) SEP
dn-spec = key distinguishedName SEP key = number / "add" distinguishedName = value-spec ;encoding an RFC 2253 DN
attrval-spec = AttributeDescription value-spec SEP value-spec = (SPACE escaped-string / ;escape CR/LF with '\\' ":" SPACE 0*1(SAFE-STRING ;LDIF compatible *(SEP " " *SAFE-CHAR)) / "::" SPACE BASE64-STRING / ;ditto ":" number SPACE 0*1(octet) / ;exactly `number' octets ":<" SPACE url / ;only file:// supported ":crypt" SPACE password / ;for userPassword ":md5" SPACE password / ;; other encoding markers reserved )
octet = %x00-ff number = 1*(%x30-39) ;any decimal number unescaped-char = %x00-%x09 / %x0a-0c / %x0d-ff ;any except for CR/LF. escaped-string = *(unescaped-char / %x5c %x0a / %x5c %x0d / %x5c %x5c) password = 0*unescaped-char SEP = LF ;this is a unix program!
AUTHOR
David Lichteblau <david@lichteblau.com>