Ldap: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
Line 1: | Line 1: | ||
=Install ldap server.= | |||
dnf install 389* | |||
=Configure ldap.= | |||
dscreate interactive | |||
=ldapsearch examples= | |||
Base64 decode. No line wrap. | Base64 decode. No line wrap. | ||
ldapsearch -o ldif-wrap=no -u -H ldaps://www.halfface.se.se:636 -b 'DC=www,DC=halfface,DC=se' -D username -w _password_ "(&(objectClass=*)(anr=search_string" | perl -MMIME::Base64 -MEncode=decode -n -00 -e 's/\n //g;s/(?<=:: )(\S+)/decode("UTF-8",decode_base64($1))/eg;print' | less -ISRM | ldapsearch -o ldif-wrap=no -u -H ldaps://www.halfface.se.se:636 -b 'DC=www,DC=halfface,DC=se' -D username -w _password_ "(&(objectClass=*)(anr=search_string" | perl -MMIME::Base64 -MEncode=decode -n -00 -e 's/\n //g;s/(?<=:: )(\S+)/decode("UTF-8",decode_base64($1))/eg;print' | less -ISRM | ||
search for numbers higher than 42435. | |||
ldapsearch -x -b ou=People,ou=Nordic,ou=eng,dc=infineon,dc=com "uidNumber>=42435" | ldapsearch -x -b ou=People,ou=Nordic,ou=eng,dc=infineon,dc=com "uidNumber>=42435" | ||
search for next suitable gid. Look for good matching number. For some reason I get some low numbers in my test. | |||
ldapsearch -LLL -l 5 -o nettimeout=5 -x -b "dc=example,dc=net" -h ldap.example.com "uidNumber>=68000" uidNumber | grep uidNumber | awk '{print $2}' | sort -n | less | ldapsearch -LLL -l 5 -o nettimeout=5 -x -b "dc=example,dc=net" -h ldap.example.com "uidNumber>=68000" uidNumber | grep uidNumber | awk '{print $2}' | sort -n | less | ||
Wild card search. | |||
ldapsearch -o ldif-wrap=no -H ldap://ldap.int.redbridge.se:389 -x -D "uid=$USERNAME,cn=users,cn=accounts,dc=redbridge,dc=se" -w $COMPANY_PASSWORD -b "dc=redbridge,dc=se" -s sub -a always '(&(objectClass=*)(cn=*kompetensportalen*))' | ldapsearch -o ldif-wrap=no -H ldap://ldap.int.redbridge.se:389 -x -D "uid=$USERNAME,cn=users,cn=accounts,dc=redbridge,dc=se" -w $COMPANY_PASSWORD -b "dc=redbridge,dc=se" -s sub -a always '(&(objectClass=*)(cn=*kompetensportalen*))' | ||
=matching= | =matching= | ||
Match user belonging to one of the groups. | Match user belonging to one of the groups. | ||
Line 161: | Line 17: | ||
Match user belonging to both groups. | Match user belonging to both groups. | ||
(&(memberOf=CN=%s,OU=Test_Users,DC=matthew,DC=com)(sAMAccountName=%s)) | (&(memberOf=CN=%s,OU=Test_Users,DC=matthew,DC=com)(sAMAccountName=%s)) | ||
[[Category:Applications]] | [[Category:Applications]] | ||
[[Category:Unix]] | [[Category:Unix]] |
Revision as of 09:38, 27 November 2022
Install ldap server.
dnf install 389*
Configure ldap.
dscreate interactive
ldapsearch examples
Base64 decode. No line wrap.
ldapsearch -o ldif-wrap=no -u -H ldaps://www.halfface.se.se:636 -b 'DC=www,DC=halfface,DC=se' -D username -w _password_ "(&(objectClass=*)(anr=search_string" | perl -MMIME::Base64 -MEncode=decode -n -00 -e 's/\n //g;s/(?<=:: )(\S+)/decode("UTF-8",decode_base64($1))/eg;print' | less -ISRM
search for numbers higher than 42435.
ldapsearch -x -b ou=People,ou=Nordic,ou=eng,dc=infineon,dc=com "uidNumber>=42435"
search for next suitable gid. Look for good matching number. For some reason I get some low numbers in my test.
ldapsearch -LLL -l 5 -o nettimeout=5 -x -b "dc=example,dc=net" -h ldap.example.com "uidNumber>=68000" uidNumber | grep uidNumber | awk '{print $2}' | sort -n | less
Wild card search.
ldapsearch -o ldif-wrap=no -H ldap://ldap.int.redbridge.se:389 -x -D "uid=$USERNAME,cn=users,cn=accounts,dc=redbridge,dc=se" -w $COMPANY_PASSWORD -b "dc=redbridge,dc=se" -s sub -a always '(&(objectClass=*)(cn=*kompetensportalen*))'
matching
Match user belonging to one of the groups.
(|(memberOf=CN=%s,OU=Test_Users,DC=matthew,DC=com)(sAMAccountName=%s))
Match user belonging to both groups.
(&(memberOf=CN=%s,OU=Test_Users,DC=matthew,DC=com)(sAMAccountName=%s))