Can anyone let me know if querying Active Directory server using ldapsearch, ldapadd, ldapdelete, etc. utilities is possible or not?
To search for the LDAP configuration, use the “ldapsearch” command and specify “cn=config” as the search base for your LDAP tree. To run this search, you have to use the “-Y” option and specify “EXTERNAL” as the authentication mechanism.
The short answer is "yes". A sample ldapsearch
command to query an Active Directory server is:
ldapsearch \ -x -h ldapserver.mydomain.com \ -D "[email protected]" \ -W \ -b "cn=users,dc=mydomain,dc=com" \ -s sub "(cn=*)" cn mail sn
This would connect to an AD server at hostname ldapserver.mydomain.com
as user [email protected]
, prompt for the password on the command line and show name and email details for users in the cn=users,dc=mydomain,dc=com
subtree.
See Managing LDAP from the Command Line on Linux for more samples. See LDAP Query Basics for Microsoft Exchange documentation for samples using LDAP queries with Active Directory.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With