[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch without

To: <ron@rovingplanet.com>
Subject: Re: ldapsearch without
From: "Pierangelo Masarati" <ando@sys-net.it>
Date: Thu, 1 Apr 2004 09:45:05 +0200 (CEST)
Cc: <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <6A94CF724B046C4FB3434D14A49A58BF05AD35@pluto.rovingplanet.com>
References: <6A94CF724B046C4FB3434D14A49A58BF05AD35@pluto.rovingplanet.com>

> Can you get group information from a user without the -D and -w options
> on ldapsearch ?  I want to query the user without
>
> Having to know the -D and -w fields.

The "-D and -w fields" means authentication.  If you mean search info
without prior authentication, the answer in short is: yes, but the info
you're asking for must allow search and read to anonymous.  It's simply a
matter of using the appropriate ACLs.  See slapd.conf(5) and
slapd.access(5) for an ultimative word on how ACLs work.

p.

>
>
>
>
>
> This one worked:
>
>
>
> /usr/bin/ldapsearch  -LLL -x -h 10.0.0.25 -p 389 -D "rontest@rp-eng.com"
> -w rontest -b "dc=rp-eng,dc=com" "(SamAccountName=rontest)"  dn
>
> dn: CN=rontest test,CN=Users,DC=rp-eng,DC=com
>
>
>
> # refldap://rp-eng.com/CN=Configuration,DC=rp-eng,DC=com
>
>
>
>
>
> This does not get the info.
>
>
>
> /usr/bin/ldapsearch  -v -LLL -x -h 10.0.0.25 -p 389   -b
> "dc=rp-eng,dc=com" "(SamAccountName=rontest)"   dn
>
> ldap_init( 10.0.0.25, 389 )
>
> filter: (SamAccountName=rontest)
>
> requesting: dn
>
> # refldap://rp-eng.com/CN=Configuration,DC=rp-eng,DC=com
>
>
>
>
>
>
>
>
>
>
>
>


-- 
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it

Prev by Date: RE: Is ->LDAP->SASL->SASLAUTHD->LDAP the only way... further information
Next by Date: Antwort: Re: SASL/GSSAPI keytab location [Virus checked]
Index(es):
- Chronological
- Thread