[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: ldapsearch of Active Directory?
I have migrated our dev environment to support ldapseraches and have had
a great success with it. I used a sloppy but stable tool on out AD
servers called AD4Unix http://www.css-solutions.ca/ad4unix/ this allows
Linux/Unix to interoperate with Win2K Server. The ldapsearch doesn't
really work until you allow anonymous searches. If I remember correctly
there is a Q article on the matter.
Cheers,
Shane
-----Original Message-----
From: Andrew Petrov [mailto:apetrov@keyspanenergy.com]
Sent: Tuesday, February 25, 2003 4:54 PM
To: Vsevolod (Simon) Ilyushchenko
Cc: openldap-software@OpenLDAP.org
Subject: Re: ldapsearch of Active Directory?
Hi,
I tried a similar search, but used the administrator account as bind
dn.
I got a lot more data, but not all the attributes (such as passwords).
Anyone tried to use Net::LDAP for this?
Thanks,
- Andrew.
"Vsevolod (Simon) Ilyushchenko" wrote:
> Hi,
>
> I am trying to access AD using ldapsearch like this: ldapsearch -x -h
> server -b "dc=our-domain,dc=com"
>
> Instead of the expected list of all users I get a whopping 17 entries:
> The first one is what I presume to be the root node, with managedBy,
> masteredBy etc attributes, and the rest describe root DNS servers. And
> then there is a reference to a CN=Configuration entry.
>
> A similar search run on an Openldap server produces the complete dump.
> Does anyone have an idea of how to do a similar dump of AD? Or do I
> have to bind in order to do it?
>
> Thanks,
> Simon
>
> --
>
> Simon (Vsevolod ILyushchenko) simonf@cshl.edu
> http://www.simonf.com
>
> "Large software projects are like werewolves because
> they transform unexpectedly from the familiar into horrors."
> Fred Brooks
--
apetrov@keyspanenergy.com (718) 403-2854
"Nothing is impossible, it's just a matter of time and money."