CURL and LDAPS – How to Search and Debug

I hit an issue where I needed to search LDAP from a machine I didn’t have access to install new RPMs on. I found this cool article on CURL and LDAP Search. I had to make some minor modifications to get it to work with a secure connection (--insecure ldaps:// and 636). I also added -v to diagnose some connection problems.

curl "ldaps://127.0.0.1:636/DC=IBM.COM?cn,objectClass?sub?(objectClass=*)" -u "cn=user1,ou=test_org3,o=dr,DC=IBM.COM" --insecure -v
Enter host password for user 'cn=user1,ou=test_org3,o=dr,DC=IBM.COM':
* Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 636 (#0)
* LDAP local: LDAP Vendor = OpenLDAP ; LDAP Version = 20428
* LDAP local: ldaps://127.0.0.1:636/DC=IBM.COM?cn,objectClass?sub?(objectClass=
)
* LDAP local: trying to establish encrypted connection
DN: dc=ibm.com
objectClass: domain
objectClass: top

DN: o=dr,dc=ibm.com
objectClass: organization
objectClass: top

DN: ou=test_org3,o=dr,dc=ibm.com
objectClass: organizationalunit
objectClass: top

You can then find the userids you need quickly. I left them off the output intentionally.

If you see connected, but no results, I suggest changing to the top level of the LDAP, and using this string: ldaps://127.0.0.1:636/DC=IBM.COM?cn,objectClass?sub?(objectClass=*)
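The same search with the server certificate verified through --cacert rather than skipped with --insecure, as an added example that is not part of the original post. The function names, the host ldap.example.com and the CA file path are assumptions made for illustration; the host has to match a name in the server certificate.

```shell
#!/bin/sh
# Added example (not from the original post): build the LDAP URL field by
# field and run the search over LDAPS with certificate verification.

# Percent-encode one URL field so spaces, '?', '%' and similar characters
# cannot shift the ?attributes?scope?filter layout.
ldap_urlencode() {
  s=$1; out=
  while [ -n "$s" ]; do
    rest=${s#?}; c=${s%"$rest"}; s=$rest      # peel off the first character
    case $c in
      [A-Za-z0-9._~=,-]|'('|')'|'*'|'&'|'!') out=$out$c ;;
      *) out=$out$(printf '%%%02X' "'$c") ;;
    esac
  done
  printf '%s' "$out"
}

# ldap_url HOST PORT BASE_DN ATTRS SCOPE FILTER
# -> ldaps://HOST:PORT/BASE_DN?ATTRS?SCOPE?FILTER
ldap_url() {
  printf 'ldaps://%s:%s/%s?%s?%s?%s' "$1" "$2" \
    "$(ldap_urlencode "$3")" "$4" "$5" "$(ldap_urlencode "$6")"
}

# ldaps_search CA_FILE BIND_DN URL
# --cacert names the CA that signed the directory's certificate, -v keeps
# the connection trace, and curl prompts for the bind password because
# -u carries no ":password" part.
ldaps_search() {
  [ -r "$1" ] || { echo "CA file not readable: $1" >&2; return 2; }
  curl --cacert "$1" -u "$2" -v "$3"
}

# Constructed sample values reusing the DNs shown in the post.
url=$(ldap_url ldap.example.com 636 'DC=IBM.COM' 'cn,objectClass' sub '(objectClass=*)')
echo "$url"

# Hypothetical CA path; uncomment on a host that has the directory's CA file:
# ldaps_search /etc/pki/tls/certs/ldap-ca.pem \
#   'cn=user1,ou=test_org3,o=dr,DC=IBM.COM' "$url"
```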
