Frequently Asked Questions

« Previous
What is the BMC-IT computer platform and how does it work?
Next «
How do I install Ubuntu?

34. How do I lookup LDAP or Active Directory via command line on Mac and Linux?

Connecting anonymously to LDAP

ldapsearch -l 10 -x -Hldap://ldap.katalog.uu.se -b 'cn=People,dc=uu,dc=se' '(&(objectClass=person)(uid=jny25782))'

Connecting with authentication to LDAP

ldapsearch -l 10 -x -Hldaps://ldap.katalog.uu.se -D 'uid=jny25782,dc=user,dc=uu,dc=se' -w 'passwordA' -b 'cn=People,dc=uu,dc=se' '(&(objectClass=person)(uid=jny25782))'

Connecting with authentication to Active Directory

ldapsearch -Hldap://dc.user.uu.se -x -D "jny25782@user.uu.se" -b "DC=user,DC=uu,DC=se" -w "passwordA" "(uid=jny25782)" uid mail

Those timestamps in the Active Directory look quite strange do they not?

Convert from Windows time (100 ns/tick resolution) to Unix time ( 1 s/tick) by dividing by 10000000 (changing 100 ns resolution into 1 s) and then subtract 11644473600 to get from 1601-01-01T00:00:00Z to 1970-01-01T00:00:00Z.

$ date -d @$(echo 131243293252095302/10000000-11644473600 | bc) Wed Nov 23 00:02:05 CET 2016 $ _

Examples

List all mail addresses in the group SI29:9 in the public LDAP catalogue and then count them:

$ ldapsearch -l 10 -x -Hldap://ldap.katalog.uu.se -b 'cn=People,dc=uu,dc=se' 'departmentNumber=SI29:9' mail | grep -i mail: | wc -l 38 $ _

This would list all mail addresses in the group SI29:9 that also has a room number in the BMC C6:3 corridor.

$ ldapsearch -l 10 -x -Hldap://ldap.katalog.uu.se -b 'cn=People,dc=uu,dc=se' '(&(roomNumber=BMC C6:3*)(departmentNumber=SI29:9))' mail | grep -i mail:

View all group membership of a user:

$ ldapsearch -Hldap://dc.user.uu.se -x -D "jny25782@user.uu.se" -b "DC=user,DC=uu,DC=se" -w "passwordA" -L "(&(uid=jny25782))" -o ldif-wrap=no memberOf | grep ^memberOf:

This entry ldap was last modified 2018-09-10

This documentation is covered by GNU Free Documentation License.