The different configuration options are:
HOST <name>
Used to specify the name of an LDAP server to which
ud
should connect. There may be only one entry per config file.
The server's name can be specified as a domain-style name or an IP address.
BASE <base>
Used to specify the search base to use when performing search operations.
The base may be changed by those using
ud
by using the
cb
command.
There may be only one entry per config file.
The base must be specified as a Distinguished Name in LDAP format.
GROUPBASE <base>
Used to specify the base used when creating groups.
The base may be changed by those using
ud
by using the
changegroup
command.
There may be only one entry per config file.
The base must be specified as a Distinguished Name in LDAP format.
SEARCH <algorithm>
Used to specify a search algorithm to use when performing searches. More than
one algorithm may be specified, and each is tried in turn until a suitable
response is found.
Each algorithm specifies a filter that should be used when performing a find
operation. Filters contain LDAP-style attribute types (e.g., uid, cn,
postalAddress)
and operators to test for equality or approximate equality. Prefix operators
may also be used to specify AND, OR and NOT operations (see ldap(3) for
more details on the filter format). Algorithms use a
compile-time constant as a separator to use when parsing the input the user
has provided. This parsed input can then be referenced similarly to an
awk
program using symbols like $1, $2, and $0 for the entire batch of input.
For example, the algoritm
cn=$0
causes
ud
to perform a lookup on the entire string the user has typed, searching for
anything where the commonName exactly matches the whole thing.
Another example,
sn~=$NF
causes
ud
to do a search where the last element the user has typed (NF = number of fields
and is a special "number" that can be used in
awk
as well as
ud )
searching for any matches that approximately match Surname.
Search algorithms also support a special feature which allows one to specify
the
exact
number of fields that must be present in order for the algorithm to be
applied. This number must be specified between square brackets.
For example,
[1] uid=$1
causes this algorithm to be applied when the number of fields is exactly equal
to one. If there is exactly one field, the token is looked up as a UID.