[Samba] [samba as AD] Hidden attributes
Rowland penny
rpenny at samba.org
Mon Jul 4 15:40:33 UTC 2016
On 04/07/16 16:16, mathias dufresne wrote:
> Hi all,
>
> Is there a way to extract the whole attributes of objects, even hidden
> attributes, using ldbsearch or any samba tool?
Don't think you can get the hidden attributes over the wire, but you can
get them on the DC by explicitly asking for them.
>
> Hidden attributes have to be hidden from ldapsearch which can be used
> through network and so, remotely. ldbsearch can be used only locally by
> root, which [should] limit who is using it, so perhaps I thought it was
> possible : )
Oh dear, who told you that only root could use ldbsearch and that it
only works on a DC ?
rowland at devstation:~/programming/git$ ldbsearch -H ldap://dc1 -b
'cn=Users,dc=samdom,dc=example,dc=com' -s sub
'(&(objectclass=user)(samaccountname=rowland))' -U rowland
Password for [SAMDOM\rowland]:
# record 1
dn: CN=Rowland Penny,CN=Users,DC=samdom,DC=example,DC=com
cn: Rowland Penny
sn: Penny
givenName: Rowland
instanceType: 4
whenCreated: 20151109093821.0Z
displayName: Rowland Penny
uSNCreated: 3871
name: Rowland Penny
objectGUID: 28103293-9fc9-4681-b19c-ae1150fe2b72
badPwdCount: 0
codePage: 0
countryCode: 0
badPasswordTime: 0
lastLogoff: 0
primaryGroupID: 513
objectSid: S-1-5-21-1768301897-3342589593-1064908849-1107
logonCount: 0
sAMAccountName: rowland
sAMAccountType: 805306368
userPrincipalName: rowland at samdom.example.com
objectCategory:
CN=Person,CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=c
om
pwdLastSet: 130915355010000000
uid: rowland
msSFU30Name: rowland
msSFU30NisDomain: samdom
uidNumber: 10000
unixHomeDirectory: /home/rowland
loginShell: /bin/bash
userAccountControl: 66048
accountExpires: 0
gidNumber: 10000
objectClass: top
objectClass: securityPrincipal
objectClass: person
objectClass: organizationalPerson
objectClass: user
gecos: Rowland Penny
memberOf: CN=DnsAdmins,CN=Users,DC=samdom,DC=example,DC=com
homeDirectory: \\DC1\rowland
lastLogonTimestamp: 131120934392797250
whenChanged: 20160704081039.0Z
uSNChanged: 245201
lastLogon: 131121071311154780
distinguishedName: CN=Rowland Penny,CN=Users,DC=samdom,DC=example,DC=com
Rowland
More information about the samba
mailing list