Tag: ldaps

  • CURL and LDAPS – How to Search and Debug

    I hit an issue where I needed to search LDAP from a machine I didn’t have access to install new RPMs on. I found this cool article on CURL and LDAP Search. I had to make some minor modifications to get it to work with a secure connection (--insecure, ldaps:// and 636). I also added -v to diagnose some connection problems.

    curl "ldaps://127.0.0.1:636/DC=IBM.COM?cn,objectClass?sub?(objectClass=)" -u "cn=user1,ou=test_org3,o=dr,DC=IBM.COM" --insecure -v
    Enter host password for user 'cn=user1,ou=test_org3,o=dr,DC=IBM.COM':
    * Trying 127.0.0.1...
    * Connected to 127.0.0.1 (127.0.0.1) port 636 (#0)
    * LDAP local: LDAP Vendor = OpenLDAP ; LDAP Version = 20428
    * LDAP local: ldaps://127.0.0.1:636/DC=IBM.COM?cn,objectClass?sub?(objectClass=
    )
    * LDAP local: trying to establish encrypted connection
    DN: dc=ibm.com
    objectClass: domain
    objectClass: top

    DN: o=dr,dc=ibm.com
    objectClass: organization
    objectClass: top

    DN: ou=test_org3,o=dr,dc=ibm.com
    objectClass: organizationalunit
    objectClass: top

    You can then find the userids you need quickly. I left them off the output intentionally.

    If you see connected, but no results, I suggest changing to the top level of the LDAP and using this string: ldaps://127.0.0.1:636/DC=IBM.COM?cn,objectClass?sub?(objectClass=*)
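
The same search with certificate verification left on instead of `--insecure`, as an added example that is not from the original post. It builds the `ldaps://host:port/dn?attributes?scope?filter` URL with percent-encoding so that spaces or `?` in a DN or filter do not break the query. The host name `ldap.example.test` and the CA file path are hypothetical, and input is assumed to be ASCII.

```shell
#!/bin/sh
# Added example: build an LDAP URL and search over LDAPS while verifying
# the server certificate. Host name and CA path are constructed values.
LC_ALL=C

# Percent-encode one URL component (ASCII input assumed). Characters that are
# URL-safe and common in DNs and filters pass through unchanged.
ldap_pct() {
    s=$1 out=
    while [ -n "$s" ]; do
        rest=${s#?}            # everything after the first character
        c=${s%"$rest"}         # the first character itself
        s=$rest
        case $c in
            [-A-Za-z0-9._~=,*!] | "(" | ")") out=$out$c ;;
            *) out=$out$(printf '%%%02X' "'$c") ;;
        esac
    done
    printf '%s\n' "$out"
}

# ldap_url HOST PORT BASE_DN ATTRS SCOPE FILTER
# Layout used in the post: ldaps://host:port/dn?attributes?scope?filter
ldap_url() {
    printf 'ldaps://%s:%s/%s?%s?%s?%s\n' \
        "$1" "$2" "$(ldap_pct "$3")" "$4" "$5" "$(ldap_pct "$6")"
}

# ldap_search URL BIND_DN CA_FILE
# --cacert takes the place of --insecure: the server certificate is checked
# against CA_FILE (PEM), so connect by the name the certificate was issued
# for. curl prompts for the bind password, as in the post.
ldap_search() {
    curl --cacert "$3" -u "$2" -v "$1"
}

url=$(ldap_url ldap.example.test 636 "DC=IBM.COM" "cn,objectClass" sub "(objectClass=*)")
printf '%s\n' "$url"
# To run the search (hypothetical CA path):
# ldap_search "$url" "cn=user1,ou=test_org3,o=dr,DC=IBM.COM" /path/to/ldap-ca.pem
```

If verification fails, the `-v` output shows the TLS error before any bind is attempted, which separates certificate problems from credential or search-base problems.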