lsldap

Use the lsldap command to display the details for the system-wide Lightweight Directory Access Protocol (LDAP) configuration.

Syntax

Read syntax diagramSkip visual syntax diagram lsldap

Parameters

-delim delimiter
(Optional) Specify a delimiter to separate data in the output.
-nohdr
(Optional) Suppress the headings in the output.

Description

This table provides the attribute values that can be displayed as output view data.
Table 1. lsldap attribute values
Attribute Value
type Indicates the LDAP server type. The values are:
  • ad indicates that it is an Active Directory server.
  • itds indicates that it is an IBM® Tivoli® Directory Server.
  • other indicates that it is another type of server.
enabled Indicates whether native LDAP authentication is enabled. The value is yes or no/
error_sequence_number Indicates the sequence number of non-fixed LDAP configuration error log. The value is a number (integer).
username Indicates the binding user name or distinguished name. The value is an alphanumeric string or blank if there is no name.
security Indicates the type of security in use. The values are:
  • tls indicates that it is Transport Layer Security.
  • ssl indicates that it is Secure Socket Layer.
  • none indicates that there is no security.
user_attribute Indicates the LDAP attribute that represents the user login.
group_attribute Indicates the LDAP attribute that represents the user group membership.
audit_log_attribute Indicates the LDAP attribute that represents the user name in audit log.
auth_cache_minutes Indicates the period (in minutes) for which to cache session details.
nested_group_search Indicates the handling of nested groups. The values are:
  • off indicates that there is no nested group handling search.
  • client indicates that the system must search for nested groups on the client.
  • server indicates that the system must search for nested groups on the server.