apt-get install ldap-utils
====== Basic query ======
Check if anonymous bind was accepted by server:
$ ldapsearch -H ldap://server -x
# extended LDIF
#
# LDAPv3
# base (default) with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 32 No such object
# numResponses: 1
List root entries:
$ ldapsearch -H ldap://server -x -LLL -s base -b '' namingContexts
dn:
namingContexts: dc=example,dc=org
====== .ldaprc ======
BASE dc=example,dc=org
URI ldap://server
BINDDN cn=admin,dc=example,dc=org
and verify if it works. First command will ask for password for user "cn=admin" or password can be specified by argument (second one):
ldapsearch -x -W
ldapsearch -x -w admin
====== cn=config =====
$ ldapsearch -x -W -LLL -s base -D 'cn=admin,cn=config' -b 'cn=config' dn
Enter LDAP Password:
dn: cn=config
$ ldapsearch -x -W -LLL -D 'cn=admin,cn=config' -b 'cn=config' dn
Enter LDAP Password:
...
dn: olcDatabase={1}mdb,cn=config
...
$ ldapsearch -x -W -LLL -D 'cn=admin,cn=config' -b 'cn=config' 'olcDatabase={1}mdb'
Enter LDAP Password:
dn: olcDatabase={1}mdb,cn=config
objectClass: olcDatabaseConfig
objectClass: olcMdbConfig
olcDatabase: {1}mdb
olcDbDirectory: /var/lib/ldap
olcSuffix: dc=example,dc=org
olcAccess: {0}to attrs=userPassword,shadowLastChange by self write by dn="cn=admin,dc=example,dc=org" write by anonymous auth by * none
olcAccess: {1}to * by self read by dn="cn=admin,dc=example,dc=org" write by * none
olcLastMod: TRUE
olcRootDN: cn=admin,dc=example,dc=org
olcRootPW: {SSHA}abcdef...
olcDbCheckpoint: 512 30
olcDbIndex: uid eq
olcDbIndex: mail eq
olcDbIndex: memberOf eq
olcDbIndex: entryCSN eq
olcDbIndex: entryUUID eq
olcDbIndex: objectClass eq
olcDbMaxSize: 1073741824
====== SASL ======
$ ldapsearch -x -LLL -s base -b "" supportedSASLMechanisms
dn:
supportedSASLMechanisms: SCRAM-SHA-1
supportedSASLMechanisms: GS2-IAKERB
supportedSASLMechanisms: GS2-KRB5
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: GSS-SPNEGO
supportedSASLMechanisms: DIGEST-MD5
supportedSASLMechanisms: OTP
supportedSASLMechanisms: CRAM-MD5
supportedSASLMechanisms: NTLM
ldapsearch -x -W -D 'cn=admin,dc=example,dc=org'
ldapsearch -x -W -D 'uid=nextcloudsystemuser,ou=it,dc=grinn-global,dc=com'