[clug] Querying an Active Directory server via ldapsearch
michael at michaelmanning.org
Thu Nov 3 00:20:21 GMT 2005
I have had some success with BASH scripts which not only query but
update the AD via LDAP, but -
Currently I am at work so not much time to get you all the details, but
I can give you a couple of lines of code which might help you get started
BINDDN="username at example.com" ; # Just the email address of a user
with the ability to look for what you need
echo "Querying Active Directory for user email addresses and login details";
result=$($COMMAND -x -b $BASEDN -H ldap://$LDAP_SERVER -D $BINDDN
$FILTER $QUERY $SORT -w $BINDPW|$GREP -i sAMAccountName -);
If you need more help then just post what you have and I will take
another look tonight.
Antony Wuth wrote:
>I am currently trying to query our shiny new AD servers - initially to
>retrieve contact details. I seem to have pretty much run up against a brick
>I have been playing around with ldapsearch and trying to throw together bits
>from random google searches but have not had anything that seems to be
>remotely close to success.
>Things I know;
>* We are running windows server 2003.
>* I know an IP address (and possibly a port) of a service that appears to be
>* I have access to a workstation (with some kinda-admin rights) that can
>query the ldap server.
>* I can capture LDAP packets and get confused as to what they are meant to
>* Just pointing an ldapclient at the server and asking for the whole tree
>receives (the predictable) result of being told to go away.
>Things I have not much idea about:
>* The exact scheme in use here,
>Does someone know of a good howto or at least some kind of newbie
>description of how LDAP is meant to work & Authenticate in the weird MS
More information about the linux