LDAP search to query an Active Directory server

You need to determine the levels of the hierarchy from the top to the level that contain the identifier you want to use. This defines the DN to search the LDAP database. Frequently used distinguished name elements include:
• uid (user identification)
• pw (password)
• cn (common name)
• ou (organizational unit)
• o (organization)
• c (country)
One way to test this is with a text-based LDAP client program. For example, OpenLDAP
includes a client, ldapsearch, that you can use for this purpose. Enter the following at the command line:

$ ldapsearch -LLL -H ldap://activedirectory.example.com:389 -b ‘dc=example,dc=com’ -D ‘DOMAIN\Joe.Bloggs’ -w ‘[email protected]’ ‘(sAMAccountName=joe.bloggs)’



dn: CN=Joe.Bloggs,DC=example,DC=com



source: http://www.commandlinefu.com/commands/view/2402/ldap-search-to-query-an-activedirectory-server

and fortigate docs

Leave a Reply