commandlinefu.com is the place to record those command-line gems that you return to again and again.
You can sign-in using OpenID credentials, or register a traditional username and password.
Subscribe to the feed for:
Shows list of users and their details in LDAP
Permit to generate a password for userPassword in ldap.
Use ?slappasswd -g? to generate a random passowrd.
Find statistics for an Edirectory server form LDAPsearch.
We have a lot more examples at:
The full command got shut off it is:
ldapsearch -h ldapserver.willeke.com -p636 -e C:\mydata\treerootcert.der -b "" -s base -D cn=admin,ou=administration,dc=willeke,dc=com -w secretpwd "(objectclass=*)" chainings removeEntryOps referralsReturned listOps modifyRDNOps repUpdatesIn repUpdatesOut strongAuthBinds addEntryOps compareOps wholeSubtreeSearchOps modifyEntryOps searchOps errors simpleAuthBinds inOps oneLevelSearchOps inBytes abandonOps bindSecurityErrors securityErrors unAuthBinds outBytes extendedOps readOps dsaName directoryTreeName vendorVersion vendorName
These are the parameters to ldapsearch (from ldap-utils in Ubuntu), for searching for the record for Joe Blogg's user. sAMAccountName is the LDAP field that ActiveDirectory uses to store the user name. 'DOMAIN\Joe.Bloggs' where "DOMAIN" is the the active directory domain.
Othewise you could use "CN=Joe.Bloggs,DC=example,DC=com" instead of "DOMAIN\Joe.Bloggs"
When Ldapsearch queries an Active directory server, all the dates are shown using a timestamp of 18 digits. This perl regexp decodes them in a more human friendly notation. 11644473600 corresponds to some microsoft epoch.