Giter VIP home page Giter VIP logo

ldap-auth's Introduction

NAME

ldap-auth - program to check a users credentials against an LDAP server

SYNOPSIS

ldap-auth -H LDAP URI -b LDAP search base -u username -p password [ -D LDAP bind DN ] [ -w LDAP DN password ] [ -y password file ] [ --help | -h ] [ --man ]

DESCRIPTION

Given an LDAP server URI and a username and password, searches for that username in the LDAP directory and after finding the DN of the user attempts to bind as that DN with the password.

It's assumed that the user will match the search filter: (uid=username)

On success (user found in LDAP and password authenticates the user) exit status 0 is returned. If a non-zero exit code is returned some failure occured - including the user not being found or an incorrect password.

The passwords for the user and the DN are visible on UNIX platforms whilst the command runs - if this is a concern then the -y argument should be used to read the passwords from a file.

EXAMPLES

ldap-auth -H ldaps://ldap.company.com -b dc=company,dc=com -u jimbob -p foo

Searches for the user 'jimbob' under the DN dc=company,dc=com. If the user is found, bind as that user with the password 'foo'. Return 0 if successfull, otherwise non-zero.

ldap-auth -H ldaps://ldap.company.com -b dc=company,dc=com -u jimbob -y password_file

Reads the password for the user jimbob from the file password_file.

OPTIONS

-H LDAP URI

The URI of the LDAP server. It's recommended that SSL is used to secure the connection - although no validation of the SSL certificate is currently made.

-b LDAP search base

The DN at which to start the search.

-u username

The username of the user to search for.

-p password

The password of the user.

-D LDAP bind DN

A DN to bind to the LDAP server with if anonymous binds are not allowed.

-w LDAP DN password

The password for the DN supplied with the -I argument.

-y password file

Path to file containing passwords for binding to the server.

The first line is the user's password. If a second line is present then it's assumed to be the password for the DN supplied with the -I argument.

If the password file name is '-' then the file is read from standard input.

--help | -h

Display the command line arguments.

--man

Display the man page

SEE ALSO

Net::LDAP

BUGS

SSL certificates are not validated.

AUTHOR

Jonathan Barber - <[email protected]>

ldap-auth's People

Contributors

jbarber avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.