ldapsearch 

Allows you to search the ldap Directory


usage: ldapsearch [options] [filter [attributes...]]

Search Filters:

Search

Example

Add

'(&(mail=*)(uid=provisioner*))'

OR

'(|(member=*)(mail=*))'

Examples



example

Search for all objects with the mail attribute:
> ldapsearch -D cn=admin,dc=pci,dc=irdeto,dc=com -w xxxxxx -b 'dc=pci,dc=irdeto,dc=com' -h ldap.dev.pci.irdeto.com -p 489 'mail=*'
 
 
Search for all users (inetOrgPerson) under ou=users,dc=pci,dc=irdeto,dc=com
> ldapsearch -D cn=admin,dc=pci,dc=irdeto,dc=com -w xxxxxx -h ldap.dev.pci.irdeto.com -p 489 -b 'ou=users,dc=pci,dc=irdeto,dc=com' '(objectclass=inetOrgPerson)'



Common Parameters

These parameters are used with all ldap commands

Parameter

Description

Example

-D binddn

Bind DN-D cn=admin,dc=pci,dc=irdeto,dc=com

-w passwd

Bind password (for simple authentication)

-w xxxxxx

-b basedn

Base DN-b 'dc=pci,dc=irdeto,dc=com'

-h host

LDAP Server-h localhost
-H URILDAP URI-H ldaps://

-p port

Port on LDAP server

Not required when using -H URI

-p 389



> ldapadd -D cn=admin,dc=pci,dc=irdeto,dc=com -w XXX -h 10.18.113.218 -p 389 -f hengheng.ldif
---
 
 
hengheng.ldif:
dn: cn=hengheng,ou=tenants,ou=users,dc=pci,dc=irdeto,dc=com
objectClass: inetOrgPerson
objectClass: top
cn: hengheng
givenname: Hengheng
sn: User
uid: hengheng
mail: hengheng.xie@irdeto.com
----
 
 
> ldappasswd -S -D cn=admin,dc=pci,dc=irdeto,dc=com -w XXX -h 10.18.113.218 -p 389 -x "cn=hengheng,ou=tenants,ou=users,dc=pci,dc=irdeto,dc=com"
 
 
> ldapsearch -D cn=admin,dc=pci,dc=irdeto,dc=com -w XXX -b 'ou=tenants,ou=users,dc=pci,dc=irdeto,dc=com' -h 10.18.113.218 -p 389
 
 
---
# hengheng, tenants, users, pci.irdeto.com
dn: cn=hengheng,ou=tenants,ou=users,dc=pci,dc=irdeto,dc=com
objectClass: inetOrgPerson
objectClass: top
cn: hengheng
givenName: Hengheng
sn: User
uid: hengheng
mail: hengheng.xie@irdeto.com
userPassword:: e1NTSEF9eTNtVGRXejhwanozdkFXR1ZjTlNMaG44R2RqZkVLWDU=
---
 
 
---
Make gitlab user admin
ssh into gitlab
 
> gitlab-rails console production
 
u = User.find_by_email("john.mehan@irdeto.com")
u.admin = true
u.save!


  • No labels