01-30-2010
10 More Discussions You Might Find Interesting
1. Red Hat
Hii All,
I am using openldap v2.3 on redhat El-4. When i run ldapsearch it returns all the entries. The command runs successfully. But when I run the ldapsearch with following filter option it doesnt work and immediately returns to the shell.
ldapsearch uidNumber>=2000
I've started slapd... (0 Replies)
Discussion started by: shamik
0 Replies
2. UNIX for Dummies Questions & Answers
We have an application that uses Active directory to authenticate the users. the admins of the app. were complaining because the windows domain controller they are going against is not very stable. I wrote a shell script using ldapsearch to look up a user against the domain controller their app... (2 Replies)
Discussion started by: jayjabour
2 Replies
3. Programming
Hi all,
I've been searching for ldapsearch function these few days. Still I couldn't found the solution.
I would like to translate this query
ldapsearch -x -LLL -h new_IP -p new_Port -D "cn=jw" -w "dummy" -b
"id=2311,o=WC,c=jp" -s sub
to ldap_search_ext_s() function in C program.
... (0 Replies)
Discussion started by: tailangong
0 Replies
4. AIX
How can I do a ldapsearch to find a DN for a user when I know the exact cn for that user out of active directory.
I have tried several different commands (hundreds) but need the -b with the full dn to perform the search using ldapsearch from AIX. I am trying to find the OU for a user and the... (3 Replies)
Discussion started by: cchart3
3 Replies
5. Red Hat
Hi there everyone. I'm trying to make a bash script that accepts some arguments ans give's back some info about LDAP users and servers.
I have this function :
has_group_access(){
result=$(ldapsearch -LLL "cn=${GROUP_NAME}" cn member | cut -d"," -f1 | cut -d":" -f2 | cut -d"=" -f2 | grep... (1 Reply)
Discussion started by: theboogymaster
1 Replies
6. UNIX for Dummies Questions & Answers
Never knew of this command ldapsearch, but I would like to use it to lookup a single user and return where their office is.
Is this possible?
I'm totally starting from scratch. I already saw some of the gurus say read the man page, which is pretty greek when you don't know the details of... (1 Reply)
Discussion started by: srhadden
1 Replies
7. Red Hat
Hi
I'm not familiar with ldap and I hope someone to help me.
I need to get some attribute value from ldap DB.
When i run the following command is OK:
ldapsearch -h localhost -p 16611 -x -D cn=user -w passwd -b msisdn=359502479649,dc=MSISDN,DC=C-NTDB "(objectClass=SUBINNSS)" refinmocNAME
the... (0 Replies)
Discussion started by: vasil
0 Replies
8. UNIX for Beginners Questions & Answers
Using ldapsearch, I've built the following command to get what I need.
ldapsearch -x -LLL -E pr=200/noprompt -h abc-loc.somecompany.com -D "account@somecompany.com" -w password -b "ou=End Users,ou=Accounts,dc=abc,dc=somecompany,dc=com" -s sub '(distinguishedName=CN=Bob\\, Billy J,OU=End... (8 Replies)
Discussion started by: who10
8 Replies
9. UNIX for Beginners Questions & Answers
When I execute the code below with cn set to the $adgroup variable, I get the following error:
Invalid DN syntax (34)
Additional information: 0000208F: NameErr: DSID-031001F7, problem 2006 (BAD_NAME), data 8349, best match of:
,ou=Resource,ou=groups,dc=abc,dc=somecompany,dc=com'
If I set cn... (6 Replies)
Discussion started by: who10
6 Replies
10. Shell Programming and Scripting
Hi,
I'm trying to make a bash script to read LDAP (from MS active directory with ldapsearch), extract the fields 'mail', 'division', 'memberOf', 'userAccountControl', 'uidNumber', 'name', 'sAMAccountName' and save in a mysql database.
I have extracted the fields with ldapsearch but I am... (2 Replies)
Discussion started by: somachibun
2 Replies
LEARN ABOUT SUSE
apache::authznetldap
Apache::AuthzNetLDAP(3) User Contributed Perl Documentation Apache::AuthzNetLDAP(3)
NAME
Apache::AuthzNetLDAP - Apache-Perl module that enables you to authorize a user for Website based on LDAP attributes.
SYNOPSIS
PerlSetVar BindDN "cn=Directory Manager"
PerlSetVar BindPWD "password"
PerlSetVar BaseDN "ou=people,o=unt.edu"
PerlSetVar LDAPServer ldap.unt.edu
PerlSetVar LDAPPort 389
PerlSetVar UIDAttr uid
#PerlSetVar UIDAttr mail
PerlAuthenHandler Apache::AuthNetLDAP
PerlAuthzHandler Apache::AuthzNetLDAP
#require valid-user
#require user mewilcox
#require user mewilcox@venus.acs.unt.edu
#require group "cn=Peoplebrowsers1,ou=UNTGroups,ou=People, o=unt.edu"
#require ldap-url ldap://pandora.acs.unt.edu/o=unt.edu??sub?sn=wilcox
#require ldap-url ldap://pandora.acs.unt.edu/o=unt.edu??sub?sn=smith
#require ldap-url ldap://castor.acs.unt.edu/ou=people,o=unt.edu??sub?untcourse=
untcoursenumber=1999CCOMM2040001,ou=courses,ou=acad,o=unt.edu
DESCRIPTION
After you have authenticated a user (perhaps with Apache::AuthNetLDAP ;) you can use this module to determine whether they are authorized
to access the Web resource under this modules control.
You can control authorization via one of four methods. The first two are pretty standard, the second two are unique to LDAP.
"require" options --
user -> Will authorize access if the authenticated user's username.
valid-user -> Will authorize any authenticated user.
group -> Will authorize any authenticated user who is a member of the LDAP group specified by groupdn. This module supports groupOfMember,
groupOfUniquemember and Netscape's dynamic group object classes.
ldap-url -> This will authorize any authenticated user who matches the query specified in the given LDAP URL. This is enables users to get
the flexibility of Netscape's dynamic groups, even if their LDAP server does not support such a capability.
CONFIGURATION NOTES
It is important to note that this module must be used in conjunction with an authentication module. (...?
Is this true? I just thought, that you might want to only authorize a user, instead of authenticate...)
If you are using an authentication module, then the following lines will not need to be duplicated:
PerlSetVar BindDN "cn=Directory Manager"
PerlSetVar BindPWD "password"
PerlSetVar BaseDN "ou=people,o=unt.edu"
PerlSetVar LDAPServer ldap.unt.edu
PerlSetVar LDAPPort 389
PerlSetVar UIDAttr uid
#PerlSetVar UIDAttr mail
PerlAuthenHandler Apache::AuthNetLDAP
The following lines will not need to be duplicated if supported by the authentication module:
#require valid-user
#require user mewilcox
#require user mewilcox@venus.acs.unt.edu
#require group "cn=Peoplebrowsers1,ou=UNTGroups,ou=People, o=unt.edu"
#require ldap-url ldap://pandora.acs.unt.edu/o=unt.edu??sub?sn=wilcox
#require ldap-url ldap://pandora.acs.unt.edu/o=unt.edu??sub?sn=smith
#require ldap-url ldap://castor.acs.unt.edu/ou=people,o=unt.edu??sub?untcourse=
Obviously, the ldap-url attribute is probably only support by this module.
Check out the following link for options to load the module:
http://perl.apache.org/docs/1.0/guide/config.html#The_Startup_File http://perl.apache.org/docs/2.0/user/config/config.html#Startup_File
AUTHOR
Mark Wilcox mewilcox@unt.edu and Shannon Eric Peevey speeves@unt.edu
SEE ALSO
perl(1).
WARRANTY Hey, I didn't destroy mankind when testing the module. You're mileage may vary.
This module is distributed with the same license as Perl's.
perl v5.12.1 2010-07-05 Apache::AuthzNetLDAP(3)