[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch without



> Can you get group information from a user without the -D and -w options
> on ldapsearch ?  I want to query the user without
>
> Having to know the -D and -w fields.

The "-D and -w fields" means authentication.  If you mean search info
without prior authentication, the answer in short is: yes, but the info
you're asking for must allow search and read to anonymous.  It's simply a
matter of using the appropriate ACLs.  See slapd.conf(5) and
slapd.access(5) for an ultimative word on how ACLs work.

p.

>
>
>
>
>
> This one worked:
>
>
>
> /usr/bin/ldapsearch  -LLL -x -h 10.0.0.25 -p 389 -D "rontest@rp-eng.com"
> -w rontest -b "dc=rp-eng,dc=com" "(SamAccountName=rontest)"  dn
>
> dn: CN=rontest test,CN=Users,DC=rp-eng,DC=com
>
>
>
> # refldap://rp-eng.com/CN=Configuration,DC=rp-eng,DC=com
>
>
>
>
>
> This does not get the info.
>
>
>
> /usr/bin/ldapsearch  -v -LLL -x -h 10.0.0.25 -p 389   -b
> "dc=rp-eng,dc=com" "(SamAccountName=rontest)"   dn
>
> ldap_init( 10.0.0.25, 389 )
>
> filter: (SamAccountName=rontest)
>
> requesting: dn
>
> # refldap://rp-eng.com/CN=Configuration,DC=rp-eng,DC=com
>
>
>
>
>
>
>
>
>
>
>
>


-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it