|
Oracle® Identity Management User Reference
10g Release 2 (10.1.2) B15883-01 |
|
 Previous |
 Next |
|
Oracle® Identity Management User Reference
10g Release 2 (10.1.2) B15883-01 |
|
|
Previous |
Next |
The ldapbind command-line tool enables you to see whether you can authenticate a client to a server.
ldapbind -h oid_hostname -D "binddn" -w password [-p ldap_port] [-V ldap_version] [-n] [-O "auth"] [-Y "DIGEST-MD5|EXTERNAL"] [-R SASL_realm] [-U SSL_auth_mode {-W wallet_location -P wallet_password}] [-E character_set]
-h oid_hostname
Required. The host name or IP address of the Oracle Internet Directory server.
-D "binddn"
Required. The DN of the Oracle Internet Directory user needed to bind to the directory (for example, cn=orcladmin).
-w password
Required. The user password needed to bind to the directory.
-p ldap_port
Optional. The port number used to connect to the Oracle Internet Directory server. Defaults to port 389.
-V ldap_version
Optional. The version of the LDAP protocol to use. Allowed values are 2 or 3. Defaults to 3 (LDAP v3).
-O "auth"
Optional. Specifies SASL security properties. The security property supported is -O "auth". This security property is for DIGEST-MD5 SASL mechanism. It enables authentication with no data integrity or data privacy.
-Y "DIGEST-MD5 | EXTERNAL"
Optional. Specifies a Simple Authentication and Security Layer (SASL) mechanism. The following mechanisms are supported:
DIGEST-MD5
EXTERNAL - The SASL authentication in this mechanism is done on top of two-way SSL authentication. In this case the identity of the user stored in the SSL wallet is used for SASL authentication.
-R SASL_realm
Optional. A SASL realm.
-U SSL_auth_mode
Optional. The SSL authentication mode:
1 for no authentication required.
2 for one way authentication required. You must also supply a wallet location and wallet password.
3 for two way authentication required. You must also supply a wallet location and wallet password.
-W wallet_location
Required if using one way or two way SSL authentication (-U 2|3). The location of the wallet file that contains the server's SSL certificates.
Example for UNIX:
-W "file:/home/my_dir/my_wallet"
Example for Microsoft Windows:
-W "file:C:\my_dir\my_wallet"
-P wallet_password
Required if using one way or two way SSL authentication (-U 2|3). The wallet password for the wallet specified in the -W argument.
-E character_set
Optional. The native character set encoding. Defaults to the character set of the user's terminal. Each supported character set has a unique acronym, for example, WE8MSWIN1252, JA16SJIS, or AL32UTF8.
Using the ldapbind tool, you can perform the following task:
The following example shows how to validate the authentication credentials used to bind to the directory server when using SSL.
Example:
ldapbind -h myhost.company.com -D "cn-orcladmin" -w password -p 636 -U 2 -W "file:/home/my_dir/my_wallet" -P password
