e42.uk

 

Quick Reference

ldapsearch

ldapsearch Simple Usage

Simple usage of ldapsearch against an Active Directory LDAP store. The examples below should work with both Windows and Samba Active Directory servers.

The tools below are available on Alpine Linux after installing the openldap-clients package:

apk add openldap-clients

Query a User using their sAMAccountName

A sAMAccountName is the username without the domain. The domain is specified in the query.

ldapsearch -Z -h server.mydomain.co.uk:3268 \
    -D 'MYDOMAIN\administrator' \
    -w 'myPassword123' -b 'dc=mydomain,dc=co,dc=uk' \
    '(&(objectClass=user)(sAMAccountName=administrator))'

Arguments

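  • -Z use TLS (issues StartTLS; with a single -Z the search carries on if StartTLS fails, -ZZ requires it to succeed)
  • -h server and port number (can be tricky; OpenLDAP deprecates -h in favour of -H with an ldap:// URI)
  • -D bind DN (distinguished name); in the above example the old Windows NT 4 style is being used.
  • -w password (given on the command line, so it ends up in shell history and the process list; -W prompts for it and -y reads it from a file)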
  • -b base DN for the search
  • (&(object... the LDAP query to execute

Query a user using their Principal Name

Although we provided the Windows NT 4.0 username as the Distinguished Name in the previous example, Active Directory will also accept the LDAP property userPrincipalName (often the user's email address) for both the bind DN and the search query:

ldapsearch -Z -h server.mydomain.co.uk:3268 \
    -D 'administrator@mydomain.co.uk' \
    -w 'myPassword123' -b 'dc=mydomain,dc=co,dc=uk' \
    '(&(objectClass=user)(userPrincipalName=administrator@mydomain.co.uk))'
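
An added example (not from the original page): when the account name comes from user input instead of being typed by hand, the value needs RFC 4515 escaping before it is placed in the sAMAccountName filter shown earlier. The function names, the password-file argument and the use of -x, -ZZ, -H and -y in place of the page's -Z, -h and -w are choices made for this example.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# Escape a value for use inside an LDAP search filter (RFC 4515).
# The backslash must be handled first so later escapes are not re-escaped.
# NUL (\00) is not handled because a shell variable cannot contain it.
ldap_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' \
                           -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' \
                           -e 's/)/\\29/g'
}

# Build the page's sAMAccountName filter around an escaped value.
user_filter() {
    printf '(&(objectClass=user)(sAMAccountName=%s))' "$(ldap_escape "$1")"
}

# Run the lookup. $1 = account name (untrusted), $2 = bind password file.
#   -x   simple bind (assumption: the page's commands do not pass it)
#   -ZZ  StartTLS is required to succeed
#   -y   read the password from a file instead of the command line;
#        the whole file is used, so it must not end with a newline
lookup_user() {
    ldapsearch -x -ZZ -H 'ldap://server.mydomain.co.uk:3268' \
        -D 'administrator@mydomain.co.uk' -y "$2" \
        -b 'dc=mydomain,dc=co,dc=uk' \
        "$(user_filter "$1")" sAMAccountName userPrincipalName
}

# Constructed inputs: a normal name and one that tries to widen the filter.
for name in 'administrator' 'x)(objectClass=*'; do
    printf '%-20s -> %s\n' "$name" "$(user_filter "$name")"
done
```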

Other Ports

Some operations may not be available on some ports; this is true for Samba 4. Some other Active Directory (LDAP) ports are:

389
636
3268
3269

The last two are marked GC, which stands for Global Catalog.
