Topic
  • 4 replies
  • Latest Post - ‏2013-06-17T08:59:49Z by nurulbalqis
nurulbalqis
nurulbalqis
9 Posts

Pinned topic How to search Base DN value using LDAPSEARCH command?

‏2013-06-12T09:11:31Z |

Hi,

I only have this root user info:

cn=root , password=secret

Based on the limited info, how can i search for Base DN value and RDN Value for root user through LDAP V6.1 command?

 

I do run dsquery command to find the Base DN value.But all value not valid with root user.

I cant check the RDN value thru console because the previous developer does not installed the TDS along  together with TDS Web Admin Tool Console.

 

Looking forward for any reply.

Thank you.

 

 

Updated on 2013-06-13T07:10:24Z at 2013-06-13T07:10:24Z by nurulbalqis
  • franzw
    franzw
    347 Posts
    ACCEPTED ANSWER

    Re: How to search Base DN value using LDAPSEARCH command?

    ‏2013-06-13T07:25:58Z  

    Hi thanxs for reply.

    I do run the command, but the output is ldap_simple_bind: Can't contact LDAP server

    Can i used the same command for replicate user TDS?

    Let say i have replicate user cn=binddn password-123456 instead of cn=root / secret

    I run the same command to retrieve Base Dn value for binddn user, but the output still same.

    Do they have any particular attributes that can be used to retrieve Base DN value?

    For example -replicaCredentials, replicaBindCredentials

    Thank you.

    If you cannot connect to the ldap server it is either your host you need to speficy (-h <hostname>) or the port if different from 389 (-p <port>).

    If your credentials are wrong you would have received a bind error.

    As stated - normally you will normally not use any binddn to get the rootDSE - and you should definitely IM>HO use the replica bind dns for any other purpose than those required by the replica setup.

    My advice is that you should take some time to study the "ldap bible" - although old (and  big !) it contains a good starting point to understand what the TDS server is doing : http://www.redbooks.ibm.com/abstracts/sg244986.html

    HTH

    Regards

    Franz Wolfhagen

  • franzw
    franzw
    347 Posts

    Re: How to search Base DN value using LDAPSEARCH command?

    ‏2013-06-13T06:42:41Z  

    I think this is what you are looking for :

    ldapsearch -b "" -s base  objectclass=*

    Normally the rootDSE (which is what you get with this commend) is not secured as this shows the capabilities of the ldap server - but in case it should secured (you will have to do this - in TDS this is public by default) you can add the bind DN.

    The base DN values (yes - there is more than one) will be in the namingContexts multivalue attribute.

    For further learning make a search on "ldap rootdse" on the www.

    HTH

    Regards

    Franz Wolfhagen

  • nurulbalqis
    nurulbalqis
    9 Posts

    Re: How to search Base DN value using LDAPSEARCH command?

    ‏2013-06-13T07:09:42Z  
    • franzw
    • ‏2013-06-13T06:42:41Z

    I think this is what you are looking for :

    ldapsearch -b "" -s base  objectclass=*

    Normally the rootDSE (which is what you get with this commend) is not secured as this shows the capabilities of the ldap server - but in case it should secured (you will have to do this - in TDS this is public by default) you can add the bind DN.

    The base DN values (yes - there is more than one) will be in the namingContexts multivalue attribute.

    For further learning make a search on "ldap rootdse" on the www.

    HTH

    Regards

    Franz Wolfhagen

    Hi thanxs for reply.

    I do run the command, but the output is ldap_simple_bind: Can't contact LDAP server

    Can i used the same command for replicate user TDS?

    Let say i have replicate user cn=binddn password-123456 instead of cn=root / secret

    I run the same command to retrieve Base Dn value for binddn user, but the output still same.

    Do they have any particular attributes that can be used to retrieve Base DN value?

    For example -replicaCredentials, replicaBindCredentials

    Thank you.

    Updated on 2013-06-13T07:11:05Z at 2013-06-13T07:11:05Z by nurulbalqis
  • franzw
    franzw
    347 Posts

    Re: How to search Base DN value using LDAPSEARCH command?

    ‏2013-06-13T07:25:58Z  

    Hi thanxs for reply.

    I do run the command, but the output is ldap_simple_bind: Can't contact LDAP server

    Can i used the same command for replicate user TDS?

    Let say i have replicate user cn=binddn password-123456 instead of cn=root / secret

    I run the same command to retrieve Base Dn value for binddn user, but the output still same.

    Do they have any particular attributes that can be used to retrieve Base DN value?

    For example -replicaCredentials, replicaBindCredentials

    Thank you.

    If you cannot connect to the ldap server it is either your host you need to speficy (-h <hostname>) or the port if different from 389 (-p <port>).

    If your credentials are wrong you would have received a bind error.

    As stated - normally you will normally not use any binddn to get the rootDSE - and you should definitely IM>HO use the replica bind dns for any other purpose than those required by the replica setup.

    My advice is that you should take some time to study the "ldap bible" - although old (and  big !) it contains a good starting point to understand what the TDS server is doing : http://www.redbooks.ibm.com/abstracts/sg244986.html

    HTH

    Regards

    Franz Wolfhagen

  • nurulbalqis
    nurulbalqis
    9 Posts

    Re: How to search Base DN value using LDAPSEARCH command?

    ‏2013-06-17T08:59:49Z  
    • franzw
    • ‏2013-06-13T07:25:58Z

    If you cannot connect to the ldap server it is either your host you need to speficy (-h <hostname>) or the port if different from 389 (-p <port>).

    If your credentials are wrong you would have received a bind error.

    As stated - normally you will normally not use any binddn to get the rootDSE - and you should definitely IM>HO use the replica bind dns for any other purpose than those required by the replica setup.

    My advice is that you should take some time to study the "ldap bible" - although old (and  big !) it contains a good starting point to understand what the TDS server is doing : http://www.redbooks.ibm.com/abstracts/sg244986.html

    HTH

    Regards

    Franz Wolfhagen

    I have solved the issue.

    Thank you Franz..You helped me a lot :)