1.lf 1 stdin 2.TH LDAP_GET_OPTION 3 "2020/04/28" "OpenLDAP 2.4.50" 3.\" $OpenLDAP$ 4.\" Copyright 1998-2020 The OpenLDAP Foundation All Rights Reserved. 5.\" Copying restrictions apply. See COPYRIGHT/LICENSE. 6.SH NAME 7ldap_get_option, ldap_set_option \- LDAP option handling routines 8.SH LIBRARY 9OpenLDAP LDAP (libldap, \-lldap) 10.SH SYNOPSIS 11.nf 12.B #include <ldap.h> 13.LP 14.BI "int ldap_get_option(LDAP *" ld ", int " option ", void *" outvalue ");" 15.LP 16.BI "int ldap_set_option(LDAP *" ld ", int " option ", const void *" invalue ");" 17.SH DESCRIPTION 18.LP 19These routines provide access to options stored either in a LDAP handle 20or as global options, where applicable. 21They make use of a neutral interface, where the type of the value 22either retrieved by 23.BR ldap_get_option (3) 24or set by 25.BR ldap_set_option (3) 26is cast to 27.BR "void *" . 28The actual type is determined based on the value of the 29.B option 30argument. 31Global options are set/retrieved by passing a NULL LDAP handle. LDAP handles 32inherit their default settings from the global options in effect at the time 33the handle is created. 34.TP 35.B LDAP_OPT_API_FEATURE_INFO 36Fills-in a 37.BR "LDAPAPIFeatureInfo" ; 38.BR outvalue 39must be a 40.BR "LDAPAPIFeatureInfo *" , 41pointing to an already allocated struct. 42The 43.B ldapaif_info_version 44field of the struct must be initialized to 45.B LDAP_FEATURE_INFO_VERSION 46before making the call. The 47.B ldapaif_name 48field must be set to the name of a feature to query. 49This is a read-only option. 50.TP 51.B LDAP_OPT_API_INFO 52Fills-in a 53.BR "LDAPAPIInfo" ; 54.BR outvalue 55must be a 56.BR "LDAPAPIInfo *" , 57pointing to an already allocated struct. The 58.B ldapai_info_version 59field of the struct must be initialized to 60.B LDAP_API_INFO_VERSION 61before making the call. 62If the version passed in does not match the current library 63version, the expected version number will be stored in the 64struct and the call will fail. 65The caller is responsible for freeing the elements of the 66.B ldapai_extensions 67array and the array itself using 68.BR ldap_memfree (3). 69The caller must also free the 70.BR ldapi_vendor_name . 71This is a read-only option. 72.TP 73.B LDAP_OPT_CLIENT_CONTROLS 74Sets/gets the client-side controls to be used for all operations. 75This is now deprecated as modern LDAP C API provides replacements 76for all main operations which accepts client-side controls as 77explicit arguments; see for example 78.BR ldap_search_ext (3), 79.BR ldap_add_ext (3), 80.BR ldap_modify_ext (3) 81and so on. 82.BR outvalue 83must be 84.BR "LDAPControl ***" , 85and the caller is responsible of freeing the returned controls, if any, 86by calling 87.BR ldap_controls_free (3), 88while 89.BR invalue 90must be 91.BR "LDAPControl *const *" ; 92the library duplicates the controls passed via 93.BR invalue . 94.TP 95.B LDAP_OPT_CONNECT_ASYNC 96Sets/gets the status of the asynchronous connect flag. 97.BR invalue 98should either be 99.BR LDAP_OPT_OFF 100or 101.BR LDAP_OPT_ON ; 102.BR outvalue 103must be 104.BR "int *" . 105When set, the library will call 106.BR connect (2) 107and return, without waiting for response. 108This leaves the handle in a connecting state. 109Subsequent calls to library routines will poll for completion 110of the connect before performing further operations. 111As a consequence, library calls that need to establish a connection 112with a DSA do not block even for the network timeout 113(option 114.BR LDAP_OPT_NETWORK_TIMEOUT ). 115This option is OpenLDAP specific. 116.TP 117.B LDAP_OPT_CONNECT_CB 118This option allows to set a connect callback. 119.B invalue 120must be a 121.BR "const struct ldap_conncb *" . 122Callbacks are executed in last in-first served order. 123Handle-specific callbacks are executed first, followed by global ones. 124Right before freeing the callback structure, the 125.B lc_del 126callback handler is passed a 127.B NULL 128.BR Sockbuf . 129Calling 130.BR ldap_get_option (3) 131for this option removes the callback whose pointer matches 132.BR outvalue . 133This option is OpenLDAP specific. 134.TP 135.B LDAP_OPT_DEBUG_LEVEL 136Sets/gets the debug level of the client library. 137.BR invalue 138must be a 139.BR "const int *" ; 140.BR outvalue 141must be a 142.BR "int *" . 143Valid debug levels are 144.BR LDAP_DEBUG_ANY , 145.BR LDAP_DEBUG_ARGS , 146.BR LDAP_DEBUG_BER , 147.BR LDAP_DEBUG_CONNS , 148.BR LDAP_DEBUG_NONE , 149.BR LDAP_DEBUG_PACKETS , 150.BR LDAP_DEBUG_PARSE , 151and 152.BR LDAP_DEBUG_TRACE . 153This option is OpenLDAP specific. 154.TP 155.B LDAP_OPT_DEFBASE 156Sets/gets a string containing the DN to be used as default base 157for search operations. 158.BR outvalue 159must be a 160.BR "char **" , 161and the caller is responsible of freeing the returned string by calling 162.BR ldap_memfree (3), 163while 164.BR invalue 165must be a 166.BR "const char *" ; 167the library duplicates the corresponding string. 168This option is OpenLDAP specific. 169.TP 170.B LDAP_OPT_DEREF 171Sets/gets the value that defines when alias dereferencing must occur. 172.BR invalue 173must be 174.BR "const int *" ; 175.BR outvalue 176must be 177.BR "int *" . 178They cannot be NULL. 179The value of 180.BR *invalue 181should be one of 182.BR LDAP_DEREF_NEVER 183(the default), 184.BR LDAP_DEREF_SEARCHING , 185.BR LDAP_DEREF_FINDING , 186or 187.BR LDAP_DEREF_ALWAYS . 188Note that this has ever been the only means to determine alias dereferencing 189within search operations. 190.TP 191.B LDAP_OPT_DESC 192Returns the file descriptor associated to the socket buffer 193of the LDAP handle passed in as 194.BR ld ; 195.BR outvalue 196must be a 197.BR "int *" . 198This is a read-only, handle-specific option. 199.TP 200.B LDAP_OPT_DIAGNOSTIC_MESSAGE 201Sets/gets a string containing the error string associated to the LDAP handle. 202This option was formerly known as 203.BR LDAP_OPT_ERROR_STRING . 204.BR outvalue 205must be a 206.BR "char **" , 207and the caller is responsible of freeing the returned string by calling 208.BR ldap_memfree (3), 209while 210.BR invalue 211must be a 212.BR "char *" ; 213the library duplicates the corresponding string. 214.TP 215.B LDAP_OPT_HOST_NAME 216Sets/gets a space-separated list of hosts to be contacted by the library 217when trying to establish a connection. 218This is now deprecated in favor of 219.BR LDAP_OPT_URI . 220.BR outvalue 221must be a 222.BR "char **" , 223and the caller is responsible of freeing the resulting string by calling 224.BR ldap_memfree (3), 225while 226.BR invalue 227must be a 228.BR "const char *" ; 229the library duplicates the corresponding string. 230.TP 231.B LDAP_OPT_MATCHED_DN 232Sets/gets a string containing the matched DN associated to the LDAP handle. 233.BR outvalue 234must be a 235.BR "char **" , 236and the caller is responsible of freeing the returned string by calling 237.BR ldap_memfree (3), 238while 239.BR invalue 240must be a 241.BR "const char *" ; 242the library duplicates the corresponding string. 243.TP 244.B LDAP_OPT_NETWORK_TIMEOUT 245Sets/gets the network timeout value after which 246.BR poll (2)/ select (2) 247following a 248.BR connect (2) 249returns in case of no activity. 250.B outvalue 251must be a 252.BR "struct timeval **" 253(the caller has to free 254.BR *outvalue ) , 255and 256.B invalue 257must be a 258.BR "const struct timeval *" . 259They cannot be NULL. Using a struct with seconds set to \-1 results 260in an infinite timeout, which is the default. 261This option is OpenLDAP specific. 262.TP 263.B LDAP_OPT_PROTOCOL_VERSION 264Sets/gets the protocol version. 265.BR outvalue 266and 267.BR invalue 268must be 269.BR "int *" . 270.TP 271.B LDAP_OPT_REFERRAL_URLS 272Sets/gets an array containing the referral URIs associated to the LDAP handle. 273.BR outvalue 274must be a 275.BR "char ***" , 276and the caller is responsible of freeing the returned string by calling 277.BR ldap_memvfree (3), 278while 279.BR invalue 280must be a NULL-terminated 281.BR "char *const *" ; 282the library duplicates the corresponding string. 283This option is OpenLDAP specific. 284.TP 285.B LDAP_OPT_REFERRALS 286Determines whether the library should implicitly chase referrals or not. 287.BR invalue 288must be 289.BR "const int *" ; 290its value should either be 291.BR LDAP_OPT_OFF 292or 293.BR LDAP_OPT_ON . 294.BR outvalue 295must be 296.BR "int *" . 297.\".TP 298.\".B LDAP_OPT_REFHOPLIMIT 299.\"This option is OpenLDAP specific. 300.\"It is not currently implemented. 301.TP 302.B LDAP_OPT_RESTART 303Determines whether the library should implicitly restart connections (FIXME). 304.BR invalue 305must be 306.BR "const int *" ; 307its value should either be 308.BR LDAP_OPT_OFF 309or 310.BR LDAP_OPT_ON . 311.BR outvalue 312must be 313.BR "int *" . 314.TP 315.B LDAP_OPT_RESULT_CODE 316Sets/gets the LDAP result code associated to the handle. 317This option was formerly known as 318.BR LDAP_OPT_ERROR_NUMBER . 319.BR invalue 320must be a 321.BR "const int *" . 322.BR outvalue 323must be a 324.BR "int *" . 325.TP 326.B LDAP_OPT_SERVER_CONTROLS 327Sets/gets the server-side controls to be used for all operations. 328This is now deprecated as modern LDAP C API provides replacements 329for all main operations which accepts server-side controls as 330explicit arguments; see for example 331.BR ldap_search_ext (3), 332.BR ldap_add_ext (3), 333.BR ldap_modify_ext (3) 334and so on. 335.BR outvalue 336must be 337.BR "LDAPControl ***" , 338and the caller is responsible of freeing the returned controls, if any, 339by calling 340.BR ldap_controls_free (3), 341while 342.BR invalue 343must be 344.BR "LDAPControl *const *" ; 345the library duplicates the controls passed via 346.BR invalue . 347.TP 348.B LDAP_OPT_SESSION_REFCNT 349Returns the reference count associated with the LDAP handle passed in as 350.BR ld ; 351.BR outvalue 352must be a 353.BR "int *" . 354This is a read-only, handle-specific option. 355This option is OpenLDAP specific. 356.TP 357.B LDAP_OPT_SIZELIMIT 358Sets/gets the value that defines the maximum number of entries 359to be returned by a search operation. 360.BR invalue 361must be 362.BR "const int *" , 363while 364.BR outvalue 365must be 366.BR "int *" ; 367They cannot be NULL. 368.TP 369.B LDAP_OPT_SOCKBUF 370Returns a pointer to the socket buffer of the LDAP handle passed in as 371.BR ld ; 372.BR outvalue 373must be a 374.BR "Sockbuf **" . 375This is a read-only, handle-specific option. 376This option is OpenLDAP specific. 377.TP 378.B LDAP_OPT_TIMELIMIT 379Sets/gets the value that defines the time limit after which 380a search operation should be terminated by the server. 381.BR invalue 382must be 383.BR "const int *" , 384while 385.BR outvalue 386must be 387.BR "int *" , 388and they cannot be NULL. 389.TP 390.B LDAP_OPT_TIMEOUT 391Sets/gets a timeout value for the synchronous API calls. 392.B outvalue 393must be a 394.BR "struct timeval **" 395(the caller has to free 396.BR *outvalue ) , 397and 398.B invalue 399must be a 400.BR "struct timeval *" , 401and they cannot be NULL. Using a struct with seconds set to \-1 results 402in an infinite timeout, which is the default. 403This option is OpenLDAP specific. 404.TP 405.B LDAP_OPT_URI 406Sets/gets a comma- or space-separated list of URIs to be contacted by the library 407when trying to establish a connection. 408.BR outvalue 409must be a 410.BR "char **" , 411and the caller is responsible of freeing the resulting string by calling 412.BR ldap_memfree (3), 413while 414.BR invalue 415must be a 416.BR "const char *" ; 417the library parses the string into a list of 418.BR LDAPURLDesc 419structures, so the invocation of 420.BR ldap_set_option (3) 421may fail if URL parsing fails. 422URIs may only contain the 423.BR schema , 424the 425.BR host , 426and the 427.BR port 428fields. 429This option is OpenLDAP specific. 430.SH SASL OPTIONS 431The SASL options are OpenLDAP specific. 432.TP 433.B LDAP_OPT_X_SASL_AUTHCID 434Gets the SASL authentication identity; 435.BR outvalue 436must be a 437.BR "char **" , 438its content needs to be freed by the caller using 439.BR ldap_memfree (3). 440.TP 441.B LDAP_OPT_X_SASL_AUTHZID 442Gets the SASL authorization identity; 443.BR outvalue 444must be a 445.BR "char **" , 446its content needs to be freed by the caller using 447.BR ldap_memfree (3). 448.TP 449.B LDAP_OPT_X_SASL_MAXBUFSIZE 450Gets/sets SASL maximum buffer size; 451.BR invalue 452must be 453.BR "const ber_len_t *" , 454while 455.BR outvalue 456must be 457.BR "ber_len_t *" . 458See also 459.BR LDAP_OPT_X_SASL_SECPROPS . 460.TP 461.B LDAP_OPT_X_SASL_MECH 462Gets the SASL mechanism; 463.BR outvalue 464must be a 465.BR "char **" , 466its content needs to be freed by the caller using 467.BR ldap_memfree (3). 468.TP 469.B LDAP_OPT_X_SASL_MECHLIST 470Gets the list of the available mechanisms, 471in form of a NULL-terminated array of strings; 472.BR outvalue 473must be 474.BR "char ***" . 475The caller must not free or otherwise muck with it. 476.TP 477.B LDAP_OPT_X_SASL_NOCANON 478Sets/gets the NOCANON flag. 479When unset, the hostname is canonicalized. 480.BR invalue 481must be 482.BR "const int *" ; 483its value should either be 484.BR LDAP_OPT_OFF 485or 486.BR LDAP_OPT_ON . 487.BR outvalue 488must be 489.BR "int *" . 490.TP 491.B LDAP_OPT_X_SASL_REALM 492Gets the SASL realm; 493.BR outvalue 494must be a 495.BR "char **" , 496its content needs to be freed by the caller using 497.BR ldap_memfree (3). 498.TP 499.B LDAP_OPT_X_SASL_SECPROPS 500Sets the SASL secprops; 501.BR invalue 502must be a 503.BR "char *" , 504containing a comma-separated list of properties. 505Legal values are: 506.BR none , 507.BR nodict , 508.BR noplain , 509.BR noactive , 510.BR passcred , 511.BR forwardsec , 512.BR noanonymous , 513.BR minssf=<minssf> , 514.BR maxssf=<maxssf> , 515.BR maxbufsize=<maxbufsize> . 516.TP 517.B LDAP_OPT_X_SASL_SSF 518Gets the SASL SSF; 519.BR outvalue 520must be a 521.BR "ber_len_t *" . 522.TP 523.B LDAP_OPT_X_SASL_SSF_EXTERNAL 524Sets the SASL SSF value related to an authentication 525performed using an EXTERNAL mechanism; 526.BR invalue 527must be a 528.BR "const ber_len_t *" . 529.TP 530.B LDAP_OPT_X_SASL_SSF_MAX 531Gets/sets SASL maximum SSF; 532.BR invalue 533must be 534.BR "const ber_len_t *" , 535while 536.BR outvalue 537must be 538.BR "ber_len_t *" . 539See also 540.BR LDAP_OPT_X_SASL_SECPROPS . 541.TP 542.B LDAP_OPT_X_SASL_SSF_MIN 543Gets/sets SASL minimum SSF; 544.BR invalue 545must be 546.BR "const ber_len_t *" , 547while 548.BR outvalue 549must be 550.BR "ber_len_t *" . 551See also 552.BR LDAP_OPT_X_SASL_SECPROPS . 553.TP 554.B LDAP_OPT_X_SASL_USERNAME 555Gets the SASL username; 556.BR outvalue 557must be a 558.BR "char **" . 559Its content needs to be freed by the caller using 560.BR ldap_memfree (3). 561.SH TCP OPTIONS 562The TCP options are OpenLDAP specific. 563Mainly intended for use with Linux, they may not be portable. 564.TP 565.B LDAP_OPT_X_KEEPALIVE_IDLE 566Sets/gets the number of seconds a connection needs to remain idle 567before TCP starts sending keepalive probes. 568.BR invalue 569must be 570.BR "const int *" ; 571.BR outvalue 572must be 573.BR "int *" . 574.TP 575.B LDAP_OPT_X_KEEPALIVE_PROBES 576Sets/gets the maximum number of keepalive probes TCP should send 577before dropping the connection. 578.BR invalue 579must be 580.BR "const int *" ; 581.BR outvalue 582must be 583.BR "int *" . 584.TP 585.B LDAP_OPT_X_KEEPALIVE_INTERVAL 586Sets/gets the interval in seconds between individual keepalive probes. 587.BR invalue 588must be 589.BR "const int *" ; 590.BR outvalue 591must be 592.BR "int *" . 593.SH TLS OPTIONS 594The TLS options are OpenLDAP specific. 595.\".TP 596.\".B LDAP_OPT_X_TLS 597.\"Sets/gets the TLS mode. 598.TP 599.B LDAP_OPT_X_TLS_CACERTDIR 600Sets/gets the path of the directory containing CA certificates. 601.BR invalue 602must be 603.BR "const char *" ; 604.BR outvalue 605must be 606.BR "char **" , 607and its contents need to be freed by the caller using 608.BR ldap_memfree (3). 609.TP 610.B LDAP_OPT_X_TLS_CACERTFILE 611Sets/gets the full-path of the CA certificate file. 612.BR invalue 613must be 614.BR "const char *" ; 615.BR outvalue 616must be 617.BR "char **" , 618and its contents need to be freed by the caller using 619.BR ldap_memfree (3). 620.TP 621.B LDAP_OPT_X_TLS_CERTFILE 622Sets/gets the full-path of the certificate file. 623.BR invalue 624must be 625.BR "const char *" ; 626.BR outvalue 627must be 628.BR "char **" , 629and its contents need to be freed by the caller using 630.BR ldap_memfree (3). 631.TP 632.B LDAP_OPT_X_TLS_CIPHER_SUITE 633Sets/gets the allowed cipher suite. 634.BR invalue 635must be 636.BR "const char *" ; 637.BR outvalue 638must be 639.BR "char **" , 640and its contents need to be freed by the caller using 641.BR ldap_memfree (3). 642.TP 643.B LDAP_OPT_X_TLS_CONNECT_ARG 644Sets/gets the connection callback argument. 645.BR invalue 646must be 647.BR "const void *" ; 648.BR outvalue 649must be 650.BR "void **" . 651.TP 652.B LDAP_OPT_X_TLS_CONNECT_CB 653Sets/gets the connection callback handle. 654.BR invalue 655must be 656.BR "const LDAP_TLS_CONNECT_CB *" ; 657.BR outvalue 658must be 659.BR "LDAP_TLS_CONNECT_CB **" . 660.TP 661.B LDAP_OPT_X_TLS_CRLCHECK 662Sets/gets the CRL evaluation strategy, one of 663.BR LDAP_OPT_X_TLS_CRL_NONE , 664.BR LDAP_OPT_X_TLS_CRL_PEER , 665or 666.BR LDAP_OPT_X_TLS_CRL_ALL . 667.BR invalue 668must be 669.BR "const int *" ; 670.BR outvalue 671must be 672.BR "int *" . 673Requires OpenSSL. 674.TP 675.B LDAP_OPT_X_TLS_CRLFILE 676Sets/gets the full-path of the CRL file. 677.BR invalue 678must be 679.BR "const char *" ; 680.BR outvalue 681must be 682.BR "char **" , 683and its contents need to be freed by the caller using 684.BR ldap_memfree (3). 685This option is only valid for GnuTLS. 686.TP 687.B LDAP_OPT_X_TLS_CTX 688Sets/gets the TLS library context. New TLS sessions will inherit their 689default settings from this library context. 690.BR invalue 691must be 692.BR "const void *" ; 693.BR outvalue 694must be 695.BR "void **" . 696When using the OpenSSL library this is an SSL_CTX*. When using other 697crypto libraries this is a pointer to an OpenLDAP private structure. 698Applications generally should not use this option or attempt to 699manipulate this structure. 700.TP 701.B LDAP_OPT_X_TLS_DHFILE 702Gets/sets the full-path of the file containing the parameters 703for Diffie-Hellman ephemeral key exchange. 704.BR invalue 705must be 706.BR "const char *" ; 707.BR outvalue 708must be 709.BR "char **" , 710and its contents need to be freed by the caller using 711.BR ldap_memfree (3). 712Ignored by GnuTLS and Mozilla NSS. 713.TP 714.B LDAP_OPT_X_TLS_KEYFILE 715Sets/gets the full-path of the certificate key file. 716.BR invalue 717must be 718.BR "const char *" ; 719.BR outvalue 720must be 721.BR "char **" , 722and its contents need to be freed by the caller using 723.BR ldap_memfree (3). 724.TP 725.B LDAP_OPT_X_TLS_NEWCTX 726Instructs the library to create a new TLS library context. 727.BR invalue 728must be 729.BR "const int *" . 730A non-zero value pointed to by 731.BR invalue 732tells the library to create a context for a server. 733.TP 734.B LDAP_OPT_X_TLS_PROTOCOL_MIN 735Sets/gets the minimum protocol version. 736.BR invalue 737must be 738.BR "const int *" ; 739.BR outvalue 740must be 741.BR "int *" . 742.TP 743.B LDAP_OPT_X_TLS_RANDOM_FILE 744Sets/gets the random file when 745.B /dev/random 746and 747.B /dev/urandom 748are not available. 749.BR invalue 750must be 751.BR "const char *" ; 752.BR outvalue 753must be 754.BR "char **" , 755and its contents need to be freed by the caller using 756.BR ldap_memfree (3). 757Ignored by GnuTLS older than version 2.2. Ignored by Mozilla NSS. 758.TP 759.B LDAP_OPT_X_TLS_REQUIRE_CERT 760Sets/gets the peer certificate checking strategy, 761one of 762.BR LDAP_OPT_X_TLS_NEVER , 763.BR LDAP_OPT_X_TLS_HARD , 764.BR LDAP_OPT_X_TLS_DEMAND , 765.BR LDAP_OPT_X_TLS_ALLOW , 766.BR LDAP_OPT_X_TLS_TRY . 767.TP 768.B LDAP_OPT_X_TLS_SSL_CTX 769Gets the TLS session context associated with this handle. 770.BR outvalue 771must be 772.BR "void **" . 773When using the OpenSSL library this is an SSL*. When using other 774crypto libraries this is a pointer to an OpenLDAP private structure. 775Applications generally should not use this option. 776.SH ERRORS 777On success, the functions return 778.BR LDAP_OPT_SUCCESS , 779while they may return 780.B LDAP_OPT_ERROR 781to indicate a generic option handling error. 782Occasionally, more specific errors can be returned, like 783.B LDAP_NO_MEMORY 784to indicate a failure in memory allocation. 785.SH NOTES 786The LDAP libraries with the 787.B LDAP_OPT_REFERRALS 788option set to 789.B LDAP_OPT_ON 790(default value) automatically follow referrals using an anonymous bind. 791Application developers are encouraged to either implement consistent 792referral chasing features, or explicitly disable referral chasing 793by setting that option to 794.BR LDAP_OPT_OFF . 795.P 796The protocol version used by the library defaults to LDAPv2 (now historic), 797which corresponds to the 798.B LDAP_VERSION2 799macro. 800Application developers are encouraged to explicitly set 801.B LDAP_OPT_PROTOCOL_VERSION 802to LDAPv3, using the 803.B LDAP_VERSION3 804macro, or to allow users to select the protocol version. 805.SH SEE ALSO 806.BR ldap (3), 807.BR ldap_error (3), 808.B RFC 4422 809(http://www.rfc-editor.org), 810.SH ACKNOWLEDGEMENTS 811.lf 1 ./../Project 812.\" Shared Project Acknowledgement Text 813.B "OpenLDAP Software" 814is developed and maintained by The OpenLDAP Project <http://www.openldap.org/>. 815.B "OpenLDAP Software" 816is derived from the University of Michigan LDAP 3.3 Release. 817.lf 811 stdin 818