Commands tagged ldap (6)

  • These are the parameters to ldapsearch (from ldap-utils in Ubuntu), for searching for the record for Joe Blogg's user. sAMAccountName is the LDAP field that ActiveDirectory uses to store the user name. 'DOMAIN\Joe.Bloggs' where "DOMAIN" is the the active directory domain. Othewise you could use "CN=Joe.Bloggs,DC=example,DC=com" instead of "DOMAIN\Joe.Bloggs" Show Sample Output

    ldapsearch -LLL -H ldap:// -b 'dc=example,dc=com' -D 'DOMAIN\Joe.Bloggs' -w '[email protected]' '(sAMAccountName=joe.bloggs)'
    greppo · 2009-06-11 13:07:11 2
  • When Ldapsearch queries an Active directory server, all the dates are shown using a timestamp of 18 digits. This perl regexp decodes them in a more human friendly notation. 11644473600 corresponds to some microsoft epoch. Show Sample Output

    ldapsearch -v -H ldap://<server> -x -D cn=<johndoe>,cn=<users>,dc=<ourdomain>,dc=<tld> -w<secret> -b ou=<lazystaff>,dc=<ourdomain>,dc=<tld> -s sub sAMAccountName=* '*' | perl -pne 's/(\d{11})\d{7}/"DATE-AD(".scalar(localtime($1-11644473600)).")"/e'
    flux · 2009-04-22 00:57:34 0
  • This command line detect ldap hosts, by mandatory dns entry, then ping them to detect response average. based on ping response average it sorts and print the faster server in first output line Show Sample Output

    host -t srv _ldap._tcp | sed "s/.*[ ]\([^ ]*\)[.]$/\1/g" | xargs -i ping -c 1 {} | grep -E "(statistics|avg)" | sed "s/^--- \([^ ]*\).*/,\1:/g"|tr -d "\n" | tr "," "\n" | sed "1d;s|^\([^:]*\).*=[^/]*/\([^/]*\).*|\2\t\1|g" |sort -n
    glaudiston · 2016-09-02 03:26:29 0
  • Find statistics for an Edirectory server form LDAPsearch. We have a lot more examples at: The full command got shut off it is: ldapsearch -h -p636 -e C:\mydata\treerootcert.der -b "" -s base -D cn=admin,ou=administration,dc=willeke,dc=com -w secretpwd "(objectclass=*)" chainings removeEntryOps referralsReturned listOps modifyRDNOps repUpdatesIn repUpdatesOut strongAuthBinds addEntryOps compareOps wholeSubtreeSearchOps modifyEntryOps searchOps errors simpleAuthBinds inOps oneLevelSearchOps inBytes abandonOps bindSecurityErrors securityErrors unAuthBinds outBytes extendedOps readOps dsaName directoryTreeName vendorVersion vendorName Show Sample Output

    ldapsearch -h -p389 -b "" -s base -D cn=admin,ou=administration,dc=willeke,dc=com -w secretpwd "(objectclass=*)" chainings removeEntryOps referralsReturned listOps modifyRDNOps repUpdatesIn repUpdatesOut strongAuthBinds addEntryOps
    jwilleke · 2009-06-12 13:28:18 0
  • Shows list of users and their details in LDAP

    ldapsearch -x -LLL uid=*
    boylah · 2013-08-20 10:54:45 0
  • Permit to generate a password for userPassword in ldap. Use ?slappasswd -g? to generate a random passowrd. Show Sample Output

    evolix · 2011-10-13 14:46:03 0

What's this? is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands

Check These Out

Match a URL
For the record: I didn't build this. Just shared what I found that worked. Apologies to the original author! I decided I should fix the case where is not matched for the next time I need this. So I read rfc1035 and formalized the host name regex. If anyone finds any more holes, please comment.

Get a BOFH excuse
Gets a BOFH excuse from the BOFH excuse server ( port 666), and passes it through sed and tr to get rid of telnet connection stuff.

Increment the filename of png in a given directory by one

Convert CSV to JSON
Replace 'csv_file.csv' with your filename.

Convert CSV to JSON
Replace 'csv_file.csv' with your filename.

Get AWS temporary credentials ready to export based on a MFA virtual appliance
You might want to secure your AWS operations requiring to use a MFA token. But then to use API or tools, you need to pass credentials generated with a MFA token. This commands asks you for the MFA code and retrieves these credentials using AWS Cli. To print the exports, you can use: `awk '{ print "export AWS_ACCESS_KEY_ID=\"" $1 "\"\n" "export AWS_SECRET_ACCESS_KEY=\"" $2 "\"\n" "export AWS_SESSION_TOKEN=\"" $3 "\"" }'` You must adapt the command line to include: * $MFA_IDis ARN of the virtual MFA or serial number of the physical one * TTL for the credentials

Get a BOFH excuse
Almost same output with fewer typing... OP had a great idea : BOFH !!!

Detect encoding of a text file
This command gives you the charset of a text file, which would be handy if you have no idea of the encoding.

Extract tarball from internet without local saving

Save a file you edited in vim without the needed permissions (no echo)
Write a file you edited in Vim but that you do not have the permissions to write to (unless you use sudo.) Same as #1204 but without the echo to stdout that I find annoying.

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.


Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: