ldapcompare: invalid option -- '-' ldapcompare: unrecognized option -- usage: ldapcompare [options] DN <attr:value|attr::b64value> where: DN Distinguished Name attr assertion attribute value assertion value b64value base64 encoding of assertion value Compare options: -E [!]<ext>[=<extparam>] compare extensions (! indicates criticality) !dontUseCopy (Don't Use Copy) -M enable Manage DSA IT control (-MM to make critical) -P version protocol version (default: 3) -z Quiet mode, don't print anything, use return values Common options: -d level set LDAP debugging level to `level' -D binddn bind DN -e [!]<ext>[=<extparam>] general extensions (! indicates criticality) [!]assert=<filter> (RFC 4528; a RFC 4515 Filter string) [!]authzid=<authzid> (RFC 4370; "dn:<dn>" or "u:<user>") [!]chaining[=<resolveBehavior>[/<continuationBehavior>]] one of "chainingPreferred", "chainingRequired", "referralsPreferred", "referralsRequired" [!]manageDSAit (RFC 3296) [!]noop ppolicy [!]postread[=<attrs>] (RFC 4527; comma-separated attr list) [!]preread[=<attrs>] (RFC 4527; comma-separated attr list) [!]relax [!]sessiontracking abandon, cancel, ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) -h host LDAP server -H URI LDAP Uniform Resource Identifier(s) -I use SASL Interactive mode -n show what would be done but don't actually do it -N do not use reverse DNS to canonicalize SASL host name -O props SASL security properties -o <opt>[=<optparam>] general options nettimeout=<timeout> (in seconds, or "none" or "max") ldif-wrap=<width> (in columns, or "no" for no wrapping) -p port port on LDAP server -Q use SASL Quiet mode -R realm SASL realm -U authcid SASL authentication identity -v run in verbose mode (diagnostics to standard output) -V print version info (-VV only) -w passwd bind password (for simple authentication) -W prompt for bind password -x Simple authentication -X authzid SASL authorization identity ("dn:<dn>" or "u:<user>") -y file Read password from file -Y mech SASL mechanism -Z Start TLS request (-ZZ to require successful response)

usage: ldapcompare [options] DN <attr:value|attr::b64value> where: DN Distinguished Name attr assertion attribute value assertion value b64value base64 encoding of assertion value Compare options: -E [!]<ext>[=<extparam>] compare extensions (! indicates criticality) !dontUseCopy (Don't Use Copy) -M enable Manage DSA IT control (-MM to make critical) -P version protocol version (default: 3) -z Quiet mode, don't print anything, use return values Common options: -d level set LDAP debugging level to `level' -D binddn bind DN -e [!]<ext>[=<extparam>] general extensions (! indicates criticality) [!]assert=<filter> (RFC 4528; a RFC 4515 Filter string) [!]authzid=<authzid> (RFC 4370; "dn:<dn>" or "u:<user>") [!]chaining[=<resolveBehavior>[/<continuationBehavior>]] one of "chainingPreferred", "chainingRequired", "referralsPreferred", "referralsRequired" [!]manageDSAit (RFC 3296) [!]noop ppolicy [!]postread[=<attrs>] (RFC 4527; comma-separated attr list) [!]preread[=<attrs>] (RFC 4527; comma-separated attr list) [!]relax [!]sessiontracking abandon, cancel, ignore (SIGINT sends abandon/cancel, or ignores response; if critical, doesn't wait for SIGINT. not really controls) -h host LDAP server -H URI LDAP Uniform Resource Identifier(s) -I use SASL Interactive mode -n show what would be done but don't actually do it -N do not use reverse DNS to canonicalize SASL host name -O props SASL security properties -o <opt>[=<optparam>] general options nettimeout=<timeout> (in seconds, or "none" or "max") ldif-wrap=<width> (in columns, or "no" for no wrapping) -p port port on LDAP server -Q use SASL Quiet mode -R realm SASL realm -U authcid SASL authentication identity -v run in verbose mode (diagnostics to standard output) -V print version info (-VV only) -w passwd bind password (for simple authentication) -W prompt for bind password -x Simple authentication -X authzid SASL authorization identity ("dn:<dn>" or "u:<user>") -y file Read password from file -Y mech SASL mechanism -Z Start TLS request (-ZZ to require successful response)