lsldap
Use the lsldap command to display the details for the system-wide Lightweight Directory Access Protocol (LDAP) configuration.
Syntax
Parameters
- -nohdr
- (Optional) By default, headings are displayed for each column of data in a concise style view,
and for each item of data in a detailed style view. The -nohdr parameter
suppresses the display of these headings.Note: If there is no data to be displayed, headings are not displayed.
- -delim delimiter
- (Optional) By default, in a concise view all columns of data are space-separated, with the width of each column set to the maximum width of each item of data. In a detailed view, each item of data is an individual row, and if you display headers, the data is separated from the header by a space. The -delim parameter overrides this behavior. Valid input for the -delim parameter is a 1-byte character. Enter -delim : on the command line, and the colon character (:) separates all items of data in a concise view (for example, the spacing of columns does not occur); in a detailed view, the specified delimiter separates the data from its header.
Description
This table
provides the attribute values that can be displayed as output view data.
Attribute | Value |
---|---|
type | Indicates the LDAP server type. The values are:
|
enabled | Indicates whether native LDAP authentication is enabled. The value is
yes or no / |
error_sequence_number | Indicates the sequence number of non-fixed LDAP configuration error log. The value is a number (integer). |
username | Indicates the binding user name or distinguished name. The value is an alphanumeric string or blank if there is no name. |
security | Indicates the type of security in use. The values are:
|
user_attribute | Indicates the LDAP attribute that represents the user login. |
group_attribute | Indicates the LDAP attribute that represents the user group membership. |
audit_log_attribute | Indicates the LDAP attribute that represents the user name in audit log. |
auth_cache_minutes | Indicates the period (in minutes) for which to cache session details. |
nested_group_search | Indicates the handling of nested groups. The values are:
|
An invocation example
lsldap -delim :
The resulting output:
type:ad
enabled:yes
error_sequence_number:12
username:admin@company.com
security:tls
user_attribute:sAMAccountName
group_attribute:memberOf
audit_log_attribute:userPrincipalName
auth_cache_minutes:10
nested_group_search:off