From 63cd0d60ea24a7c7de4289a4240d40fa4ac46ff2 Mon Sep 17 00:00:00 2001 From: Sergei Nikulov Date: Wed, 24 May 2017 01:03:29 +0300 Subject: [PATCH] LDAP: documentation update per #878 changes (#1506) --- docs/FEATURES | 2 +- docs/MANUAL | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/docs/FEATURES b/docs/FEATURES index 24fa56dd3..39ac39040 100644 --- a/docs/FEATURES +++ b/docs/FEATURES @@ -185,7 +185,7 @@ FOOTNOTES *1 = requires OpenSSL, GnuTLS, NSS, yassl, axTLS, PolarSSL, WinSSL (native Windows), Secure Transport (native iOS/OS X) or GSKit (native IBM i) - *2 = requires OpenLDAP + *2 = requires OpenLDAP or WinLDAP *3 = requires a GSS-API implementation (such as Heimdal or MIT Kerberos) or SSPI (native Windows) *4 = requires a GSS-API implementation, however, only Windows SSPI is diff --git a/docs/MANUAL b/docs/MANUAL index 0ea3e61f4..330f99aea 100644 --- a/docs/MANUAL +++ b/docs/MANUAL @@ -815,6 +815,10 @@ LDAP If you have installed the OpenLDAP library, curl can take advantage of it and offer ldap:// support. + On Windows, curl will use WinLDAP from Platform SDK by default. + + Default protocol version used by curl is LDAPv3. LDAPv2 will be used as + fallback mechanism in case if LDAPv3 will fail to connect. LDAP is a complex thing and writing an LDAP query is not an easy task. I do advise you to dig up the syntax description for that elsewhere. One such @@ -830,6 +834,20 @@ LDAP If I want the same info in HTML format, I can get it by not using the -B (enforce ASCII) flag. + You also can use authentication when accessing LDAP catalog: + + curl -u user:passwd "ldap://ldap.frontec.se/o=frontec??sub?mail=*" + curl "ldap://user:passwd@ldap.frontec.se/o=frontec??sub?mail=*" + + By default, if user and password provided, OpenLDAP/WinLDAP will use basic + authentication. On Windows you can control this behavior by providing + one of --basic, --ntlm or --digest option in curl command line + + curl --ntlm "ldap://user:passwd@ldap.frontec.se/o=frontec??sub?mail=*" + + On Windows, if no user/password specified, auto-negotiation mechanism will + be used with current logon credentials (SSPI/SPNEGO). + ENVIRONMENT VARIABLES Curl reads and understands the following environment variables: