lsldap

Use the lsldap command to display the details for the system-wide Lightweight Directory Access Protocol (LDAP) configuration.

Syntax

Read syntax diagramSkip visual syntax diagram
>>- lsldap -- --+----------+-- --+-----------------------+-----><
                '- -nohdr -'     '- -delim -- delimiter -'   

Parameters

-nohdr
(Optional) By default, headings are displayed for each column of data in a concise style view, and for each item of data in a detailed style view. The -nohdr parameter suppresses the display of these headings.
Note: If there is no data to be displayed, headings are not displayed.
-delim delimiter
(Optional) By default, in a concise view all columns of data are space-separated, with the width of each column set to the maximum possible width of each item of data. In a detailed view, each item of data is an individual row, and if displaying headers, the data is separated from the header by a space. The -delim parameter overrides this behavior. Valid input for the -delim parameter is a one-byte character. Enter -delim : on the command line, and the colon character (:) separates all items of data in a concise view (for example, the spacing of columns does not occur); in a detailed view, the specified delimiter separates the data from its header

Description

Table 1 provides the attribute values that can be displayed as output view data.
Table 1. lsldap attribute values
Attribute Value
type LDAP server type:
  • Active Directory: ad
  • IBM Tivoli Directory Server: itds
  • Other: other
enabled Is native LDAP authentication enabled?
error_sequence_number Sequence number of non-fixed LDAP configuration error log
username Binding username or distinguished name (or blank if there is none)
security Type of security in use:
  • Transport Layer Security: tls
  • No security: none
user_attribute LDAP attribute representing user login
group_attribute LDAP attribute representing user group membership
audit_log_attribute LDAP attribute representing user name in audit log
auth_cache_minutes Period (in minutes) for which to cache session details
nested_group_search Handling of nested groups:
  • No nested group handling: off
  • Search nested groups on the client: client
  • Search nested groups on the server: server

An invocation example

lsldap -delim :

The resulting output:

type:ad
enabled:yes
error_sequence_number:12
username:admin@company.com
security:tls
user_attribute:sAMAccountName
group_attribute:memberOf
audit_log_attribute:userPrincipalName
auth_cache_minutes:10
nested_group_search:off
Parent topic: User management commands
Related reference:
chauthservice
chcurrentuser
chldap
chldapserver
chuser
chusergrp
lscurrentuser
lsldapserver
lsuser
lsusergrp
mkldapserver
mkuser
mkusergrp
rmldapserver
rmuser
rmusergrp
testldapserver
Related information: