what does it mean

DAP        Directory Access Protocol, Ldap ancestor
DIT        Directory Information Tree
SASL       Simple Authentication and Security Layer

Install ldap server.

dnf install 389*

Configure ldap.

dscreate interactive

ldapsearch examples

Base64 decode. No line wrap.

ldapsearch -o ldif-wrap=no -u -H ldaps://www.halfface.se.se:636 -b 'DC=www,DC=halfface,DC=se' -D username -w _password_ "(&(objectClass=*)(anr=search_string" | perl -MMIME::Base64 -MEncode=decode -n -00 -e 's/\n //g;s/(?<=:: )(\S+)/decode("UTF-8",decode_base64($1))/eg;print' | less -ISRM
ldapsearch -o ldif-wrap=no -u -H ldaps://www.halfface.se.se:636 -b 'DC=www,DC=halfface,DC=se' -D username -w _password_ "(&(objectClass=*)(anr=search_string" | perl -pe"binmode(STDOUT,':utf8');" -MMIME::Base64 -MEncode=decode -n -00 -e 's/\n +//g;s/(?<=:: )(\S+)/decode("UTF-8",decode_base64($1))/eg;print' | strings

search for numbers higher than 42435.

ldapsearch -x -b ou=People,ou=Nordic,ou=eng,dc=infineon,dc=com "uidNumber>=42435"

search for next suitable gid. Look for good matching number. For some reason I get some low numbers in my test.

ldapsearch -LLL -l 5 -o nettimeout=5 -x -b "dc=example,dc=net" -h ldap.example.com  "uidNumber>=68000" uidNumber | grep uidNumber | awk '{print $2}' | sort -n | less

Wild card search.

ldapsearch -o ldif-wrap=no -H ldap://ldap.int.redbridge.se:389 -x -D "uid=$USERNAME,cn=users,cn=accounts,dc=redbridge,dc=se" -w $COMPANY_PASSWORD -b "dc=redbridge,dc=se" -s sub -a always '(&(objectClass=*)(cn=*kompetensportalen*))'

matching

Match user belonging to one of the groups.

(|(memberOf=CN=%s,OU=Test_Users,DC=matthew,DC=com)(sAMAccountName=%s))

Match user belonging to both groups.

(&(memberOf=CN=%s,OU=Test_Users,DC=matthew,DC=com)(sAMAccountName=%s))

get root dse

ldapsearch -o ldif-wrap=no -H ldaps://ldap.int.redbridge.se:636 -x -b "" -s base -a always "(objectClass=*)"