1.lf 1 stdin
2.TH LDAP_GET_OPTION 3 "2020/04/28" "OpenLDAP 2.4.50"
3.\" $OpenLDAP$
4.\" Copyright 1998-2020 The OpenLDAP Foundation All Rights Reserved.
5.\" Copying restrictions apply.  See COPYRIGHT/LICENSE.
6.SH NAME
7ldap_get_option, ldap_set_option \- LDAP option handling routines
8.SH LIBRARY
9OpenLDAP LDAP (libldap, \-lldap)
10.SH SYNOPSIS
11.nf
12.B #include <ldap.h>
13.LP
14.BI "int ldap_get_option(LDAP *" ld ", int " option ", void *" outvalue ");"
15.LP
16.BI "int ldap_set_option(LDAP *" ld ", int " option ", const void *" invalue ");"
17.SH DESCRIPTION
18.LP
19These routines provide access to options stored either in a LDAP handle
20or as global options, where applicable.
21They make use of a neutral interface, where the type of the value
22either retrieved by 
23.BR ldap_get_option (3)
24or set by
25.BR ldap_set_option (3)
26is cast to 
27.BR "void *" .
28The actual type is determined based on the value of the
29.B option
30argument.
31Global options are set/retrieved by passing a NULL LDAP handle. LDAP handles
32inherit their default settings from the global options in effect at the time
33the handle is created.
34.TP
35.B LDAP_OPT_API_FEATURE_INFO
36Fills-in a 
37.BR "LDAPAPIFeatureInfo" ;
38.BR outvalue 
39must be a 
40.BR "LDAPAPIFeatureInfo *" ,
41pointing to an already allocated struct.
42The
43.B ldapaif_info_version
44field of the struct must be initialized to
45.B LDAP_FEATURE_INFO_VERSION
46before making the call. The
47.B ldapaif_name
48field must be set to the name of a feature to query.
49This is a read-only option.
50.TP
51.B LDAP_OPT_API_INFO
52Fills-in a 
53.BR "LDAPAPIInfo" ;
54.BR outvalue 
55must be a 
56.BR "LDAPAPIInfo *" ,
57pointing to an already allocated struct. The
58.B ldapai_info_version
59field of the struct must be initialized to
60.B LDAP_API_INFO_VERSION
61before making the call.
62If the version passed in does not match the current library
63version, the expected version number will be stored in the
64struct and the call will fail.
65The caller is responsible for freeing the elements of the
66.B ldapai_extensions
67array and the array itself using
68.BR ldap_memfree (3).
69The caller must also free the
70.BR ldapi_vendor_name .
71This is a read-only option.
72.TP
73.B LDAP_OPT_CLIENT_CONTROLS
74Sets/gets the client-side controls to be used for all operations.
75This is now deprecated as modern LDAP C API provides replacements
76for all main operations which accepts client-side controls as
77explicit arguments; see for example
78.BR ldap_search_ext (3),
79.BR ldap_add_ext (3),
80.BR ldap_modify_ext (3)
81and so on.
82.BR outvalue
83must be 
84.BR "LDAPControl ***" ,
85and the caller is responsible of freeing the returned controls, if any,
86by calling 
87.BR ldap_controls_free (3),
88while
89.BR invalue
90must be 
91.BR "LDAPControl *const *" ;
92the library duplicates the controls passed via
93.BR invalue .
94.TP
95.B LDAP_OPT_CONNECT_ASYNC
96Sets/gets the status of the asynchronous connect flag.
97.BR invalue
98should either be
99.BR LDAP_OPT_OFF
100or
101.BR LDAP_OPT_ON ;
102.BR outvalue
103must be
104.BR "int *" .
105When set, the library will call
106.BR connect (2)
107and return, without waiting for response.
108This leaves the handle in a connecting state.
109Subsequent calls to library routines will poll for completion
110of the connect before performing further operations.
111As a consequence, library calls that need to establish a connection
112with a DSA do not block even for the network timeout
113(option
114.BR LDAP_OPT_NETWORK_TIMEOUT ).
115This option is OpenLDAP specific.
116.TP
117.B LDAP_OPT_CONNECT_CB
118This option allows to set a connect callback.
119.B invalue
120must be a 
121.BR "const struct ldap_conncb *" .
122Callbacks are executed in last in-first served order.
123Handle-specific callbacks are executed first, followed by global ones.
124Right before freeing the callback structure, the
125.B lc_del
126callback handler is passed a 
127.B NULL
128.BR Sockbuf .
129Calling
130.BR ldap_get_option (3)
131for this option removes the callback whose pointer matches
132.BR outvalue .
133This option is OpenLDAP specific.
134.TP
135.B LDAP_OPT_DEBUG_LEVEL
136Sets/gets the debug level of the client library.
137.BR invalue
138must be a 
139.BR "const int *" ;
140.BR outvalue
141must be a
142.BR "int *" .
143Valid debug levels are 
144.BR LDAP_DEBUG_ANY ,
145.BR LDAP_DEBUG_ARGS ,
146.BR LDAP_DEBUG_BER ,
147.BR LDAP_DEBUG_CONNS ,
148.BR LDAP_DEBUG_NONE ,
149.BR LDAP_DEBUG_PACKETS ,
150.BR LDAP_DEBUG_PARSE ,
151and
152.BR LDAP_DEBUG_TRACE .
153This option is OpenLDAP specific.
154.TP
155.B LDAP_OPT_DEFBASE
156Sets/gets a string containing the DN to be used as default base
157for search operations.
158.BR outvalue
159must be a
160.BR "char **" ,
161and the caller is responsible of freeing the returned string by calling
162.BR ldap_memfree (3),
163while
164.BR invalue
165must be a 
166.BR "const char *" ;
167the library duplicates the corresponding string.
168This option is OpenLDAP specific.
169.TP
170.B LDAP_OPT_DEREF
171Sets/gets the value that defines when alias dereferencing must occur.
172.BR invalue
173must be
174.BR "const int *" ;
175.BR outvalue 
176must be
177.BR "int *" .
178They cannot be NULL.
179The value of 
180.BR *invalue
181should be one of
182.BR LDAP_DEREF_NEVER
183(the default),
184.BR LDAP_DEREF_SEARCHING ,
185.BR LDAP_DEREF_FINDING ,
186or
187.BR LDAP_DEREF_ALWAYS .
188Note that this has ever been the only means to determine alias dereferencing
189within search operations.
190.TP
191.B LDAP_OPT_DESC
192Returns the file descriptor associated to the socket buffer
193of the LDAP handle passed in as 
194.BR ld ;
195.BR outvalue
196must be a 
197.BR "int *" .
198This is a read-only, handle-specific option.
199.TP
200.B LDAP_OPT_DIAGNOSTIC_MESSAGE
201Sets/gets a string containing the error string associated to the LDAP handle.
202This option was formerly known as 
203.BR LDAP_OPT_ERROR_STRING .
204.BR outvalue
205must be a
206.BR "char **" ,
207and the caller is responsible of freeing the returned string by calling
208.BR ldap_memfree (3),
209while
210.BR invalue
211must be a 
212.BR "char *" ;
213the library duplicates the corresponding string.
214.TP
215.B LDAP_OPT_HOST_NAME
216Sets/gets a space-separated list of hosts to be contacted by the library 
217when trying to establish a connection.
218This is now deprecated in favor of
219.BR LDAP_OPT_URI .
220.BR outvalue
221must be a 
222.BR "char **" ,
223and the caller is responsible of freeing the resulting string by calling
224.BR ldap_memfree (3),
225while
226.BR invalue
227must be a 
228.BR "const char *" ;
229the library duplicates the corresponding string.
230.TP
231.B LDAP_OPT_MATCHED_DN
232Sets/gets a string containing the matched DN associated to the LDAP handle.
233.BR outvalue
234must be a
235.BR "char **" ,
236and the caller is responsible of freeing the returned string by calling
237.BR ldap_memfree (3),
238while
239.BR invalue
240must be a 
241.BR "const char *" ;
242the library duplicates the corresponding string.
243.TP
244.B LDAP_OPT_NETWORK_TIMEOUT
245Sets/gets the network timeout value after which
246.BR poll (2)/ select (2) 
247following a 
248.BR connect (2) 
249returns in case of no activity.
250.B outvalue
251must be a 
252.BR "struct timeval **"
253(the caller has to free
254.BR *outvalue ) ,
255and
256.B invalue
257must be a 
258.BR "const struct timeval *" .
259They cannot be NULL. Using a struct with seconds set to \-1 results
260in an infinite timeout, which is the default.
261This option is OpenLDAP specific.
262.TP
263.B LDAP_OPT_PROTOCOL_VERSION
264Sets/gets the protocol version.
265.BR outvalue
266and
267.BR invalue
268must be 
269.BR "int *" .
270.TP
271.B LDAP_OPT_REFERRAL_URLS
272Sets/gets an array containing the referral URIs associated to the LDAP handle.
273.BR outvalue
274must be a
275.BR "char ***" ,
276and the caller is responsible of freeing the returned string by calling
277.BR ldap_memvfree (3),
278while
279.BR invalue
280must be a NULL-terminated
281.BR "char *const *" ;
282the library duplicates the corresponding string.
283This option is OpenLDAP specific.
284.TP
285.B LDAP_OPT_REFERRALS
286Determines whether the library should implicitly chase referrals or not.
287.BR invalue
288must be 
289.BR "const int *" ;
290its value should either be
291.BR LDAP_OPT_OFF
292or
293.BR LDAP_OPT_ON .
294.BR outvalue
295must be
296.BR "int *" .
297.\".TP
298.\".B LDAP_OPT_REFHOPLIMIT
299.\"This option is OpenLDAP specific.
300.\"It is not currently implemented.
301.TP
302.B LDAP_OPT_RESTART
303Determines whether the library should implicitly restart connections (FIXME).
304.BR invalue
305must be 
306.BR "const int *" ;
307its value should either be
308.BR LDAP_OPT_OFF
309or
310.BR LDAP_OPT_ON .
311.BR outvalue
312must be
313.BR "int *" .
314.TP
315.B LDAP_OPT_RESULT_CODE
316Sets/gets the LDAP result code associated to the handle.
317This option was formerly known as
318.BR LDAP_OPT_ERROR_NUMBER .
319.BR invalue
320must be a 
321.BR "const int *" .
322.BR outvalue
323must be a
324.BR "int *" .
325.TP
326.B LDAP_OPT_SERVER_CONTROLS
327Sets/gets the server-side controls to be used for all operations.
328This is now deprecated as modern LDAP C API provides replacements
329for all main operations which accepts server-side controls as
330explicit arguments; see for example
331.BR ldap_search_ext (3),
332.BR ldap_add_ext (3),
333.BR ldap_modify_ext (3)
334and so on.
335.BR outvalue
336must be 
337.BR "LDAPControl ***" ,
338and the caller is responsible of freeing the returned controls, if any,
339by calling 
340.BR ldap_controls_free (3),
341while
342.BR invalue
343must be 
344.BR "LDAPControl *const *" ;
345the library duplicates the controls passed via
346.BR invalue .
347.TP
348.B LDAP_OPT_SESSION_REFCNT
349Returns the reference count associated with the LDAP handle passed in as
350.BR ld ;
351.BR outvalue
352must be a
353.BR "int *" .
354This is a read-only, handle-specific option.
355This option is OpenLDAP specific.
356.TP
357.B LDAP_OPT_SIZELIMIT
358Sets/gets the value that defines the maximum number of entries
359to be returned by a search operation.
360.BR invalue
361must be
362.BR "const int *" ,
363while
364.BR outvalue
365must be
366.BR "int *" ;
367They cannot be NULL.
368.TP
369.B LDAP_OPT_SOCKBUF
370Returns a pointer to the socket buffer of the LDAP handle passed in as
371.BR ld ;
372.BR outvalue
373must be a 
374.BR "Sockbuf **" .
375This is a read-only, handle-specific option.
376This option is OpenLDAP specific.
377.TP
378.B LDAP_OPT_TIMELIMIT
379Sets/gets the value that defines the time limit after which
380a search operation should be terminated by the server.
381.BR invalue
382must be
383.BR "const int *" ,
384while
385.BR outvalue
386must be
387.BR "int *" ,
388and they cannot be NULL.
389.TP
390.B LDAP_OPT_TIMEOUT
391Sets/gets a timeout value for the synchronous API calls.
392.B outvalue
393must be a 
394.BR "struct timeval **"
395(the caller has to free
396.BR *outvalue ) ,
397and
398.B invalue
399must be a 
400.BR "struct timeval *" ,
401and they cannot be NULL. Using a struct with seconds set to \-1 results
402in an infinite timeout, which is the default.
403This option is OpenLDAP specific.
404.TP
405.B LDAP_OPT_URI
406Sets/gets a comma- or space-separated list of URIs to be contacted by the library 
407when trying to establish a connection.
408.BR outvalue
409must be a 
410.BR "char **" ,
411and the caller is responsible of freeing the resulting string by calling
412.BR ldap_memfree (3),
413while
414.BR invalue
415must be a 
416.BR "const char *" ;
417the library parses the string into a list of 
418.BR LDAPURLDesc
419structures, so the invocation of 
420.BR ldap_set_option (3)
421may fail if URL parsing fails.
422URIs may only contain the
423.BR schema ,
424the
425.BR host ,
426and the
427.BR port
428fields.
429This option is OpenLDAP specific.
430.SH SASL OPTIONS
431The SASL options are OpenLDAP specific.
432.TP
433.B LDAP_OPT_X_SASL_AUTHCID
434Gets the SASL authentication identity;
435.BR outvalue
436must be a
437.BR "char **" ,
438its content needs to be freed by the caller using
439.BR ldap_memfree (3).
440.TP
441.B LDAP_OPT_X_SASL_AUTHZID
442Gets the SASL authorization identity;
443.BR outvalue
444must be a
445.BR "char **" ,
446its content needs to be freed by the caller using
447.BR ldap_memfree (3).
448.TP
449.B LDAP_OPT_X_SASL_MAXBUFSIZE
450Gets/sets SASL maximum buffer size;
451.BR invalue
452must be
453.BR "const ber_len_t *" ,
454while
455.BR outvalue
456must be
457.BR "ber_len_t *" .
458See also
459.BR LDAP_OPT_X_SASL_SECPROPS .
460.TP
461.B LDAP_OPT_X_SASL_MECH
462Gets the SASL mechanism;
463.BR outvalue
464must be a
465.BR "char **" ,
466its content needs to be freed by the caller using
467.BR ldap_memfree (3).
468.TP
469.B LDAP_OPT_X_SASL_MECHLIST
470Gets the list of the available mechanisms,
471in form of a NULL-terminated array of strings;
472.BR outvalue
473must be
474.BR "char ***" .
475The caller must not free or otherwise muck with it.
476.TP
477.B LDAP_OPT_X_SASL_NOCANON
478Sets/gets the NOCANON flag.
479When unset, the hostname is canonicalized.
480.BR invalue
481must be
482.BR "const int *" ;
483its value should either be
484.BR LDAP_OPT_OFF
485or
486.BR LDAP_OPT_ON .
487.BR outvalue
488must be
489.BR "int *" .
490.TP
491.B LDAP_OPT_X_SASL_REALM
492Gets the SASL realm;
493.BR outvalue
494must be a
495.BR "char **" ,
496its content needs to be freed by the caller using
497.BR ldap_memfree (3).
498.TP
499.B LDAP_OPT_X_SASL_SECPROPS
500Sets the SASL secprops;
501.BR invalue
502must be a
503.BR "char *" ,
504containing a comma-separated list of properties.
505Legal values are:
506.BR none ,
507.BR nodict ,
508.BR noplain ,
509.BR noactive ,
510.BR passcred ,
511.BR forwardsec ,
512.BR noanonymous ,
513.BR minssf=<minssf> ,
514.BR maxssf=<maxssf> ,
515.BR maxbufsize=<maxbufsize> .
516.TP
517.B LDAP_OPT_X_SASL_SSF
518Gets the SASL SSF;
519.BR outvalue
520must be a
521.BR "ber_len_t *" .
522.TP
523.B LDAP_OPT_X_SASL_SSF_EXTERNAL
524Sets the SASL SSF value related to an authentication
525performed using an EXTERNAL mechanism;
526.BR invalue
527must be a
528.BR "const ber_len_t *" .
529.TP
530.B LDAP_OPT_X_SASL_SSF_MAX
531Gets/sets SASL maximum SSF;
532.BR invalue
533must be
534.BR "const ber_len_t *" ,
535while
536.BR outvalue
537must be
538.BR "ber_len_t *" .
539See also
540.BR LDAP_OPT_X_SASL_SECPROPS .
541.TP
542.B LDAP_OPT_X_SASL_SSF_MIN
543Gets/sets SASL minimum SSF;
544.BR invalue
545must be
546.BR "const ber_len_t *" ,
547while
548.BR outvalue
549must be
550.BR "ber_len_t *" .
551See also
552.BR LDAP_OPT_X_SASL_SECPROPS .
553.TP
554.B LDAP_OPT_X_SASL_USERNAME
555Gets the SASL username;
556.BR outvalue
557must be a
558.BR "char **" .
559Its content needs to be freed by the caller using
560.BR ldap_memfree (3).
561.SH TCP OPTIONS
562The TCP options are OpenLDAP specific.
563Mainly intended for use with Linux, they may not be portable.
564.TP
565.B LDAP_OPT_X_KEEPALIVE_IDLE
566Sets/gets the number of seconds a connection needs to remain idle
567before TCP starts sending keepalive probes.
568.BR invalue
569must be
570.BR "const int *" ;
571.BR outvalue
572must be
573.BR "int *" .
574.TP
575.B LDAP_OPT_X_KEEPALIVE_PROBES
576Sets/gets the maximum number of keepalive probes TCP should send
577before dropping the connection.
578.BR invalue
579must be
580.BR "const int *" ;
581.BR outvalue
582must be
583.BR "int *" .
584.TP
585.B LDAP_OPT_X_KEEPALIVE_INTERVAL
586Sets/gets the interval in seconds between individual keepalive probes.
587.BR invalue
588must be
589.BR "const int *" ;
590.BR outvalue
591must be
592.BR "int *" .
593.SH TLS OPTIONS
594The TLS options are OpenLDAP specific.
595.\".TP
596.\".B LDAP_OPT_X_TLS
597.\"Sets/gets the TLS mode.
598.TP
599.B LDAP_OPT_X_TLS_CACERTDIR
600Sets/gets the path of the directory containing CA certificates.
601.BR invalue
602must be
603.BR "const char *" ;
604.BR outvalue
605must be
606.BR "char **" ,
607and its contents need to be freed by the caller using
608.BR ldap_memfree (3).
609.TP
610.B LDAP_OPT_X_TLS_CACERTFILE
611Sets/gets the full-path of the CA certificate file.
612.BR invalue
613must be
614.BR "const char *" ;
615.BR outvalue
616must be
617.BR "char **" ,
618and its contents need to be freed by the caller using
619.BR ldap_memfree (3).
620.TP
621.B LDAP_OPT_X_TLS_CERTFILE
622Sets/gets the full-path of the certificate file.
623.BR invalue
624must be
625.BR "const char *" ;
626.BR outvalue
627must be
628.BR "char **" ,
629and its contents need to be freed by the caller using
630.BR ldap_memfree (3).
631.TP
632.B LDAP_OPT_X_TLS_CIPHER_SUITE
633Sets/gets the allowed cipher suite.
634.BR invalue
635must be
636.BR "const char *" ;
637.BR outvalue
638must be
639.BR "char **" ,
640and its contents need to be freed by the caller using
641.BR ldap_memfree (3).
642.TP
643.B LDAP_OPT_X_TLS_CONNECT_ARG
644Sets/gets the connection callback argument.
645.BR invalue
646must be
647.BR "const void *" ;
648.BR outvalue
649must be
650.BR "void **" .
651.TP
652.B LDAP_OPT_X_TLS_CONNECT_CB
653Sets/gets the connection callback handle.
654.BR invalue
655must be
656.BR "const LDAP_TLS_CONNECT_CB *" ;
657.BR outvalue
658must be
659.BR "LDAP_TLS_CONNECT_CB **" .
660.TP
661.B LDAP_OPT_X_TLS_CRLCHECK
662Sets/gets the CRL evaluation strategy, one of
663.BR LDAP_OPT_X_TLS_CRL_NONE ,
664.BR LDAP_OPT_X_TLS_CRL_PEER ,
665or
666.BR LDAP_OPT_X_TLS_CRL_ALL .
667.BR invalue
668must be
669.BR "const int *" ;
670.BR outvalue
671must be
672.BR "int *" .
673Requires OpenSSL.
674.TP
675.B LDAP_OPT_X_TLS_CRLFILE
676Sets/gets the full-path of the CRL file.
677.BR invalue
678must be
679.BR "const char *" ;
680.BR outvalue
681must be
682.BR "char **" ,
683and its contents need to be freed by the caller using
684.BR ldap_memfree (3).
685This option is only valid for GnuTLS.
686.TP
687.B LDAP_OPT_X_TLS_CTX
688Sets/gets the TLS library context. New TLS sessions will inherit their
689default settings from this library context.
690.BR invalue
691must be
692.BR "const void *" ;
693.BR outvalue
694must be
695.BR "void **" .
696When using the OpenSSL library this is an SSL_CTX*. When using other
697crypto libraries this is a pointer to an OpenLDAP private structure.
698Applications generally should not use this option or attempt to
699manipulate this structure.
700.TP
701.B LDAP_OPT_X_TLS_DHFILE
702Gets/sets the full-path of the file containing the parameters
703for Diffie-Hellman ephemeral key exchange.
704.BR invalue
705must be
706.BR "const char *" ;
707.BR outvalue
708must be
709.BR "char **" ,
710and its contents need to be freed by the caller using
711.BR ldap_memfree (3).
712Ignored by GnuTLS and Mozilla NSS.
713.TP
714.B LDAP_OPT_X_TLS_KEYFILE
715Sets/gets the full-path of the certificate key file.
716.BR invalue
717must be
718.BR "const char *" ;
719.BR outvalue
720must be
721.BR "char **" ,
722and its contents need to be freed by the caller using
723.BR ldap_memfree (3).
724.TP
725.B LDAP_OPT_X_TLS_NEWCTX
726Instructs the library to create a new TLS library context.
727.BR invalue
728must be
729.BR "const int *" .
730A non-zero value pointed to by
731.BR invalue
732tells the library to create a context for a server.
733.TP
734.B LDAP_OPT_X_TLS_PROTOCOL_MIN
735Sets/gets the minimum protocol version.
736.BR invalue
737must be
738.BR "const int *" ;
739.BR outvalue
740must be
741.BR "int *" .
742.TP
743.B LDAP_OPT_X_TLS_RANDOM_FILE
744Sets/gets the random file when
745.B /dev/random
746and
747.B /dev/urandom
748are not available.
749.BR invalue
750must be
751.BR "const char *" ;
752.BR outvalue
753must be
754.BR "char **" ,
755and its contents need to be freed by the caller using
756.BR ldap_memfree (3).
757Ignored by GnuTLS older than version 2.2.  Ignored by Mozilla NSS.
758.TP
759.B LDAP_OPT_X_TLS_REQUIRE_CERT
760Sets/gets the peer certificate checking strategy,
761one of
762.BR LDAP_OPT_X_TLS_NEVER ,
763.BR LDAP_OPT_X_TLS_HARD ,
764.BR LDAP_OPT_X_TLS_DEMAND ,
765.BR LDAP_OPT_X_TLS_ALLOW ,
766.BR LDAP_OPT_X_TLS_TRY .
767.TP
768.B LDAP_OPT_X_TLS_SSL_CTX
769Gets the TLS session context associated with this handle.
770.BR outvalue
771must be
772.BR "void **" .
773When using the OpenSSL library this is an SSL*. When using other
774crypto libraries this is a pointer to an OpenLDAP private structure.
775Applications generally should not use this option.
776.SH ERRORS
777On success, the functions return
778.BR LDAP_OPT_SUCCESS ,
779while they may return
780.B LDAP_OPT_ERROR
781to indicate a generic option handling error.
782Occasionally, more specific errors can be returned, like
783.B LDAP_NO_MEMORY
784to indicate a failure in memory allocation.
785.SH NOTES
786The LDAP libraries with the
787.B LDAP_OPT_REFERRALS 
788option set to
789.B LDAP_OPT_ON
790(default value) automatically follow referrals using an anonymous bind.
791Application developers are encouraged to either implement consistent
792referral chasing features, or explicitly disable referral chasing
793by setting that option to
794.BR LDAP_OPT_OFF .
795.P
796The protocol version used by the library defaults to LDAPv2 (now historic),
797which corresponds to the
798.B LDAP_VERSION2
799macro.
800Application developers are encouraged to explicitly set
801.B LDAP_OPT_PROTOCOL_VERSION
802to LDAPv3, using the 
803.B LDAP_VERSION3
804macro, or to allow users to select the protocol version.
805.SH SEE ALSO
806.BR ldap (3),
807.BR ldap_error (3),
808.B RFC 4422
809(http://www.rfc-editor.org),
810.SH ACKNOWLEDGEMENTS
811.lf 1 ./../Project
812.\" Shared Project Acknowledgement Text
813.B "OpenLDAP Software"
814is developed and maintained by The OpenLDAP Project <http://www.openldap.org/>.
815.B "OpenLDAP Software"
816is derived from the University of Michigan LDAP 3.3 Release.  
817.lf 811 stdin
818