Ldapsearch

=
================================================================== ldapsearch >ldapsearch Tags: Veja também: smbldap-tools-0.9.6-3.el5 (/usr/sbin/smbldap-useradd), AD Explorer, JXplorer, Apache Directory Studio


 * <<<<<<<<<<<<<< === ldapsearch === >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>


 * 1) Conceito:

- No Debian: apt-get install ldap-utils - No Gentoo: emerge - No OpenSuse: zypper install - No Red Hat RHEL: yum install openldap-clients - No Ubuntu: apt-get install ldap-utils
 * 1) Instalação: (Instalation)


 * <<<<<<<<<<<<<< === ldapsearch === >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>


 * 1) Configuração: (Configuration)

ldapsearch -x -LLL '(uid=usuario)'

ldapsearch -x -LLL '(rfc822MailMember=usuario@dominio.com.br)'

ldapsearch -x -LLL -H ldap://IP -b dc=dominio,dc=br "(|(givenName="nome sobrenome")(gecos=sobrenome)(uid=sobrenome))" ldapsearch: ldap_search_ext: Bad search filter (-7)

ldapsearch -LLL -x -H ldap://IP -b dc=dominio,dc=br "uid=usuario" uid
 * 1) Para mostrar um atributo específico na saída:

ldapsearch -d1 -Z -LLL -x -H ldaps://10.10.10.30 -b dc=dominio,dc=com,dc=br


 * <<<<<<<<<<<<<< === ldapsearch === >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>


 * 1) Opções Gerais:
 * 2) -b – caminho onde quer consultar (Base DN)
 * 3) -H – servidor LDAP
 * 4) -L – pesquisa mais "enxuta", retira as informações desnecessárias
 * 5) -x – usa a autenticação simples ao invés de usar SASL (Use simple authentication instead of SASL.)


 * <<<<<<<<<<<<<< === ldapsearch === >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

ldapsearch -x -LLL -H ldap://10.10.10.80 -D \\username -W -b dc=dominio,dc=net,dc=br "uid=alessandro" ldapsearch -x -LLL -H ldap://10.10.10.80 -D username\@dominio\.net\.br -W -b dc=dominio,dc=net,dc=br "uid=alessandro"
 * 1) Consultar o LDAP do Active Directory:
 * 2) (LDAP search an Active Directory)


 * <<<<<<<<<<<<<< === ldapsearch === >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

———————————————————————————————————————————————————————————————————————————————
 * 1) Troubleshooting:
 * 2) Erros conhecidos: (Known Errors)
 * 1) Erros conhecidos: (Known Errors) [Resolvido] [Solved]
 * 2) Questão/Problema: (Question/Issue)

Não consegue realizar consulta no LDAP do AD (Active Directory)


 * 1) Erro: (Error)

O erro que aparece:

ldapsearch -x -LLL -H ldap://10.10.10.80 -b dc=dominio,dc=net,dc=br "uid=alessandro" Operations error (1) Additional information: 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece


 * 1) Causa: (Cause)

Nesse caso foi necessário especificar:

\\username


 * 1) Solução: (Solution)

Use o comando:

ldapsearch -x -LLL -H ldap://10.10.10.80 -D \\username -W -b dc=dominio,dc=net,dc=br



———————————————————————————————————————————————————————————————————————————————
 * 1) Erros conhecidos: (Known Errors) [Resolvido] [Solved]
 * 2) Questão/Problema: (Question/Issue)

Não consegue realizar consulta no LDAP do AD (Active Directory)


 * 1) Erro: (Error)

O erro que aparece:

ldapsearch -x -LLL -H ldap://10.10.10.80 -D \username -W -b dc=dominio,dc=net,dc=br "uid=alessandro" Enter LDAP Password: ldap_bind: Invalid credentials (49) additional info: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece


 * 1) Causa: (Cause)

É necessário colocar "\\":

\\username


 * 1) Solução: (Solution)

Use o comando:

ldapsearch -x -LLL -H ldap://10.10.10.80 -D \username -W -b dc=dominio,dc=net,dc=br "uid=alessandro"




 * <<<<<<<<<<<<<< === ldapsearch === >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>


 * 1) Referências: (Reference)

http://pt.wikibooks.org/wiki/Ldap/Instala%C3%A7%C3%A3o
 * 1) Ldap/Instalação

http://gnulinuxbr.com/2011/01/14/servidor-openldap-no-debian-parte-1/
 * 1) Servidor openLDAP no Debian – Parte 1

http://www.yeslinux.com.br/?p=406
 * 1) Shell Script: Programa para Administração de Usuarios e Grupos LDAP:

http://directory.apache.org/studio/download/download-linux.html

http://www.centos.org/docs/5/html/CDS/ag/8.0/Finding_Directory_Entries-LDAP_Search_Filters.html http://www.ldapexplorer.com/en/manual/109010000-ldap-filter-syntax.htm http://msdn.microsoft.com/en-us/library/windows/desktop/aa746475(v=vs.85).aspx http://technet.microsoft.com/en-us/library/aa996205(EXCHG.65).aspx


 * <<<<<<<<<<<<<< === ldapsearch === >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>


 * 1) Veja Também: (See Also)

<ldapsearch
 * ==========^ ldapsearch ======================================================|