ldaplist(1)




NAME

     ldaplist - search and list naming information from an LDAP
     directory using the configured profile


SYNOPSIS

     /usr/bin/ldaplist [-dlv] [database  [key]...]

     /usr/bin/ldaplist -h


DESCRIPTION

     The ldaplist utility  searches  for  and  lists  the  naming
     information  from  the LDAP directory service defined in the
     LDAP configuration files generated by ldapclient(1M)  during
     the  client  initialization  phase.  The Solaris LDAP client
     must be set up in order to use this utility.

     The database is either a container name or a database name
     as defined in nsswitch.conf(4). A container is a non-leaf
     entry in the Directory Information Tree (DIT) that contains
     naming service information. The container name is the LDAP
     Relative Distinguished Name (RDN) of the container relative
     to the defaultSearchBase as defined in the configuration
     files. For example, for a container named ou=people, the
     database name is the database specified in nsswitch.conf.
     This database is mapped to a container, for example, passwd
     maps to ou=people. If an invalid database is specified, it
     will be mapped to a generic container (for example,
     nisMapName=name).

     The key is the attribute value to be searched in the
     database. You can specify more than one key to be searched in
     the same database. The key can be specified in either of two
     forms: attribute=value or value. In the first case, ldaplist
     passes the search key to the server. In the latter case, an
     attribute is assigned depending on how the database is
     specified. If the database is a container name, then the
     "cn" attribute type is used. If it is a valid database name
     as defined in the nsswitch.conf, then a predefined attribute
     type is used (see table below). If it is an invalid database
     name, then cn is used as the attribute type.

     The ldaplist utility relies on the schema defined in RFC
     2307bis, currently an IETF draft. The data stored on the
     LDAP server must be stored based on this schema, unless the
     profile contains schema mapping definitions. For more
     information on schema mapping, see ldapclient(1M). The
     following table lists the default mapping from the database
     names to the container, the LDAP object class, and the
     attribute type used if not defined in the key.

     __________________________________________________________________________
    | Database      |  Object Class    |  Attribute Type |  Container         |
    |_______________|__________________|_________________|____________________|
    | aliases       |  mailGroup       |  cn             |  ou=Aliases        |
    |_______________|__________________|_________________|____________________|
    | automount     |  nisObject       |  cn             |  nisMapName=auto_* |
    |_______________|__________________|_________________|____________________|
    | bootparams    |  bootableDevice  |  cn             |  ou=Ethers         |
    |_______________|__________________|_________________|____________________|
    | ethers        |  ieee802Device   |  cn             |  ou=Ethers         |
    |_______________|__________________|_________________|____________________|
    | group         |  posixgroup      |  cn             |  ou=Group          |
    |_______________|__________________|_________________|____________________|
    | hosts         |  ipHost          |  cn             |  ou=Hosts          |
    |_______________|__________________|_________________|____________________|
    | ipnodes       |  ipHost          |  cn             |  ou=Hosts          |
    |_______________|__________________|_________________|____________________|
    | netgroup      |  ipNetgroup      |  cn             |  ou=Netgroup       |
    |_______________|__________________|_________________|____________________|
    | netmasks      |  ipNetwork       |  ipnetworknumber|  ou=Networks       |
    |_______________|__________________|_________________|____________________|
    | networks      |  ipNetwork       |  ipnetworknumber|  ou=Networks       |
    |_______________|__________________|_________________|____________________|
    | passwd        |  posixAccount    |  uid            |  ou=People         |
    |_______________|__________________|_________________|____________________|
    | protocols     |  ipProtocol      |  cn             |  ou=Protocols      |
    |_______________|__________________|_________________|____________________|
    | publickey     |  nisKeyObject    |  uidnumber      |  ou=People         |
    |_______________|__________________|_________________|____________________|
    |               |                  |  cn             |  ou=Hosts          |
    |_______________|__________________|_________________|____________________|
    | rpc           |  oncRpc          |  cn             |  ou=Rpc            |
    |_______________|__________________|_________________|____________________|
    | services      |  ipService       |  cn             |  ou=Services       |
    |_______________|__________________|_________________|____________________|
    | printers      |  printerService  |  printer-uri    |  ou=printers       |
    |_______________|__________________|_________________|____________________|
    | auth_attr     |  SolarisAuthAttr |  nameT          |  ou=SolarisAuthAttr|
    |_______________|__________________|_________________|____________________|
    | prof_attr     |  SolarisProfAttr |  nameT          |  ou=SolarisProfAttr|
    |_______________|__________________|_________________|____________________|
    | exec_attr     |  SolarisExecAttr |  nameT          |  ou=SolarisProfAttr|
    |_______________|__________________|_________________|____________________|
    | user_attr     |  SolarisUserAttr |  uidT           |  ou=people         |
    |_______________|__________________|_________________|____________________|
    | audit_user    |  SolarisAuditUser|  uidT           |  ou=people         |
    |_______________|__________________|_________________|____________________|

        o  auto_* represents auto_home, auto_direct, ...

        o  If the key starts with a digit, it will be interpreted
           as a uid number.

        o  If the key starts with a non-digit, it will be
           interpreted as a host name.

     The ldaplist utility supports substring search by using the
     wildcard "*" in the key. For example, "my*" will match any
     string that starts with "my". In some shell environments,
     keys containing the wildcard may need to be quoted.

     If the key is not  specified,  all  the  containers  in  the
     current search baseDN will be listed.


OPTIONS

     The following options are supported:

     -d    Lists  the  attributes  for  the  specified  database,
           rather  than  the entries. By default, the entries are
           listed.

     -h    Lists the database mapping.

     -l    Lists all the attributes for each entry  matching  the
           search  criteria.  By default, ldaplist lists only the
           Distinguished Name of the entries found.

     -v    Sets verbose mode.  The  ldaplist  utility  will  also
           print  the  filter  used to search for the entry.  The
           filter will be prefixed with "+++".


EXAMPLES

     Example 1: Listing All Entries in the Hosts Database

     example% ldaplist hosts

     Example 2: Listing All Entries in  a  Non-Standard  Database
     ou=new

     example% ldaplist ou=new

     Example 3: Finding "user1" in the passwd Database

     example% ldaplist passwd user1

     Example 4: Finding the Entry With Service Port  of  4045  in
     the services Database

     example% ldaplist services ipServicePort=4045

     Example 5: Finding All Users With Username Starting with new
     in the passwd Database

     example% ldaplist passwd 'new*'

     Example 6: Listing the Attributes for the hosts Database

     example% ldaplist -d hosts


EXIT STATUS

     The following exit values are returned:

     0     Successfully matched some entries.

     1     Successfully searched the table and  no  matches  were
           found.

     2     An error occurred. An error message is output.
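
     An added example (not from this man page or from Solaris): a
     shell wrapper for scripted account checks that pins the
     attribute with the attribute=value key form, rejects keys
     containing the "*" wildcard or "=", and keeps exit status 1
     (no match) distinct from 2 (error). The function names and
     the LDAPLIST override variable are assumptions made for the
     example.

```shell
#!/bin/sh
# Added example: exact-match account lookup through ldaplist.
# LDAPLIST is a hypothetical override used so the functions can be
# exercised without a configured LDAP client; default is the real path.

# dir_lookup_user NAME
#   0 = entry matched, 1 = searched and nothing matched,
#   2 = lookup error, 3 = NAME rejected before any search was made.
dir_lookup_user() {
    name=$1
    case $name in
        ''|*[!A-Za-z0-9._-]*)
            # Rejects "*" (substring search), "=" (attribute=value form)
            # and anything else outside a conservative login-name set.
            echo "rejected key: $name" >&2
            return 3 ;;
    esac
    # Pin the attribute rather than relying on the per-database default,
    # and quote the key so the shell never expands it.
    rc=0
    "${LDAPLIST:-/usr/bin/ldaplist}" passwd "uid=$name" >/dev/null || rc=$?
    case $rc in
        0|1) return "$rc" ;;
        *)   echo "directory lookup failed (exit $rc)" >&2
             return 2 ;;
    esac
}

# account_status NAME -> prints present | absent | unknown | invalid
account_status() {
    rc=0
    dir_lookup_user "$1" || rc=$?
    case $rc in
        0) echo present ;;
        1) echo absent ;;
        3) echo invalid ;;
        *) echo unknown ;;   # an error is never reported as "absent"
    esac
}
```

     A caller that disables or removes accounts based on the result
     should act only on "absent" and treat "unknown" as a failed
     check.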


FILES

     /var/ldap/ldap_client_file

     /var/ldap/ldap_client_cred
           Files that contain the LDAP configuration of the
           client. Do not manually modify these files. Their
           content is not guaranteed to be human readable. To
           update these files, use ldapclient(1M).


ATTRIBUTES

     See attributes(5) for descriptions of the following
     attributes:

     ____________________________________________________________
    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    |_____________________________|_____________________________|
    | Availability                | SUNWnisu                    |
    |_____________________________|_____________________________|
    | Interface Stability         | Evolving                    |
    |_____________________________|_____________________________|


SEE ALSO

     ldap(1), ldapadd(1), ldapdelete(1), ldapmodify(1),
     ldapmodrdn(1), ldapsearch(1), idsconfig(1M), ldap_cachemgr(1M),
     ldapaddent(1M), ldapclient(1M), suninstall(1M),
     resolv.conf(4), attributes(5)


NOTES

     RFC 2307bis is an IETF informational document in draft stage
     that defines an approach for using LDAP as a naming service.

