[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldapsearch without
- To: <ron@rovingplanet.com>
- Subject: Re: ldapsearch without
- From: "Pierangelo Masarati" <ando@sys-net.it>
- Date: Thu, 1 Apr 2004 09:45:05 +0200 (CEST)
- Cc: <openldap-software@OpenLDAP.org>
- Importance: Normal
- In-reply-to: <6A94CF724B046C4FB3434D14A49A58BF05AD35@pluto.rovingplanet.com>
- References: <6A94CF724B046C4FB3434D14A49A58BF05AD35@pluto.rovingplanet.com>
> Can you get group information from a user without the -D and -w options
> on ldapsearch ? I want to query the user without
>
> Having to know the -D and -w fields.
The "-D and -w fields" means authentication. If you mean search info
without prior authentication, the answer in short is: yes, but the info
you're asking for must allow search and read to anonymous. It's simply a
matter of using the appropriate ACLs. See slapd.conf(5) and
slapd.access(5) for an ultimative word on how ACLs work.
p.
>
>
>
>
>
> This one worked:
>
>
>
> /usr/bin/ldapsearch -LLL -x -h 10.0.0.25 -p 389 -D "rontest@rp-eng.com"
> -w rontest -b "dc=rp-eng,dc=com" "(SamAccountName=rontest)" dn
>
> dn: CN=rontest test,CN=Users,DC=rp-eng,DC=com
>
>
>
> # refldap://rp-eng.com/CN=Configuration,DC=rp-eng,DC=com
>
>
>
>
>
> This does not get the info.
>
>
>
> /usr/bin/ldapsearch -v -LLL -x -h 10.0.0.25 -p 389 -b
> "dc=rp-eng,dc=com" "(SamAccountName=rontest)" dn
>
> ldap_init( 10.0.0.25, 389 )
>
> filter: (SamAccountName=rontest)
>
> requesting: dn
>
> # refldap://rp-eng.com/CN=Configuration,DC=rp-eng,DC=com
>
>
>
>
>
>
>
>
>
>
>
>
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it