Questions tagged [ldap-query]

1

votes
2

answer
91

Views

Calling a synchronous method in an async fashion?

I'm developing an ASP.NET MVC WebApi project and one of the methods needs to make a LDAP search. The amount of information the search retrieves from the LDAP server ensures the call takes at least 7 seconds to complete. The call, as it uses the System.DirectoryServices.Protocols classes and methods,...
Léster
1

votes
0

answer
103

Views

django-auth-ldap members groups not woking

i managed to get ldap authentification working, but the users groups aren't. when a user is autheticated the username, firstname, email ..etc are copied to the session, but the boolean values (gotten from the groups the user belongs to) aren't. this is my settings.py : AUTHENTICATION_BACKENDS = [ 'd...
1

votes
0

answer
39

Views

can we check if user is valid in active directory - grails 2.3.11

As of now we are using below snippet for authentication. But we need to check without getting password from user i.e., to check only if the user is valid in active directory def authenticate() { Hashtable env = new Hashtable() env.put(Context.INITIAL_CONTEXT_FACTORY, 'com.sun.jndi.ldap.LdapCtxFactor...
Guru
1

votes
0

answer
40

Views

LDAP err32 on Jetty JAAS setting with Openldap

I try to LDAP JAAS configuraion with openldap. I got err32 which is not found object error. 5c10ab9e conn=1033 op=0 BIND dn='uid=joe,ou=people,dc=example,dc=org' method=128 5c10ab9e conn=1033 op=0 BIND dn='uid=joe,ou=people,dc=example,dc=org' mech=SIMPLE ssf=0 5c10ab9e conn=1033 op=0 RESULT tag=97...
jun
1

votes
1

answer
39

Views

Identify sub-domain from the list of Domains in LDAP

In LDAP, I am able to find a list of domains when I run a query (&(objectCategory=domain)) on GC://. and result is, DC=xyz,DC=com DC=a,DC=xyz,DC=com DC=b,DC=xyz,DC=com Now, I want to identify which one is domain and which one is sub-domain based on LDAP property. Is it possible? If yes, then how...
savan_03
1

votes
1

answer
1.3k

Views

Coldfusion LDAP Authentication issue / domain prefix

I am currently setting up a dev environment which is an exact copy of our prod environment. The problem is when I try to authenticate a user by using CFLDAP tag in the dev environment, it won't let me authenticate the user without prefixing the username with the domain name while in the prod environ...
Jesse
1

votes
3

answer
11.2k

Views

How do ldap search for email address in contacts' 2nd/3rd alternate email addresses?

I have an LDAP server with my email contacts so that I can lookup contacts by name/email, etc. However, it only seems to search and find the first email address for any contact. For example, if I have a person: LastName: Doe FirstName: John Email: [email protected] Email2: [email protected] Email3: johnd...
Don Rhummy
1

votes
1

answer
1.4k

Views

How to read/write ldif file through a java program?

I chose to write a java program to take back up of my LDAP entries in LDIF file and also would like to rollback the modifications using the back up LDIF files, if needed. Please provide references and also other better approaches.
dinesh
1

votes
2

answer
1.9k

Views

How can I change username or email or phone number information in LDAP?

I have this script through which I can change my LDAP password but I also want to change my username or full name or email or phone number. How can I do that? When I echo out the records I only get info like my name and email but what do I need to do to make ldap_modify change my full name or phone...
Bulvak
1

votes
1

answer
463

Views

Symfony / LDAP query returning an empty array

I am using the bhLDAP plugin with the symfony framework. I am making an LDAP query on user login which will return specific results, then using those results to assign user privileges to sfGuargAuth. I can pull a query from one specific group, but none of the others. All other queries return an empt...
Carey Estes
1

votes
1

answer
980

Views

Authenticate weblogic security realm user against LDAP fails

I have installed weblogic '10.3.4.0' and created a domain business and created a user businessuser in the default security realm myrealm. The authenticator is a DefaultAuthenticator as in weblogic. Now, I want to authenticate the user in my standalone java application using LDAP. I have also tried c...
user1877246
1

votes
1

answer
70

Views

Replicated LDAP server

When we restart a replicated (consumer or mirrored) LDAP server, it accepts the connection from the clients even if it is out of sync. Is it expected? i.e. can a client bind with an LDAP server which is not fully recovered? If yes, then is there a way to disallow it?
Lokesh Agarwal
1

votes
1

answer
678

Views

Saved LDAP Query Locked Out Specific OU

Currently I can do this in powershell via this script: Search-ADAccount –LockedOut -SearchBase 'OU=location,OU=country,DC=company,DC=com' | ft Name, SamAccountName, LastLogonDate I would rather have it in a LDAP saved query, I found this one to display all locked out accounts in the company: (&(&(...
Ty.
1

votes
1

answer
554

Views

What are the caveats of using 'isMemberOf' virtual attribute to determine a user's group membership?

Do all LDAP servers support this virtual attribute (by default)? I read that we have to enable this virtual attribute before using it. Is this how it works for all LDAP servers? Isn't this enabled by default? Are there any other drawbacks of using this to determine a user's group membership?
coder
1

votes
2

answer
2.7k

Views

php ldap_search in Active Directory root DN - empty results

I am trying to query Active directory for a given user group membership. When I search a specific user's OU, the search works ok. When I try to search the entire directory, the result is empty. Since I have many user OU's, and specific user OU may vary. The system is CentOS 6.4 with PHP+Apache. Here...
David Peer
1

votes
1

answer
879

Views

LDAP filter for numeric value

How can I change this query to find only records with numeric value of telephoneNumber attribute? (&(objectClass=user)(telephoneNumber=*)(MemberOf=CN=Users,OU=Groups,DC=domain,DC=local))' I have to be sure that this field contains only digits.
Driver
1

votes
1

answer
3k

Views

LDAP Query - get all the member's emails from a given AD distrib group?

I am trying to run a LDAP query against AD to give me all the email addressed for a given group. I tried this but it gives me the email address for the distribution but not for the members. I tried this (&(objectCategory=group)(Name=My-TEST-Group)) LDAP query with Mail being output but it does not...
Green Code
1

votes
1

answer
46

Views

Can LDAP entry belong to OU that not in its DN?

Can LDAP entry belong to OU that not in its DN? For example, can the entry with the following DN belong to OU=QA? CN=bob, OU=RnD ,DC=test,DC=com Or it belongs only to one OU=RnD? In another words can I find all OU of an entry by looking on its path in LDAP?
Michael
1

votes
1

answer
224

Views

Listing all OU's in LDAP with Rails

I am trying to list all Organizational Units (OU) from my LDAP directory. I am using the 'devise_ldap_authenticatable' gem to authenticate my users. The LDAP sign in works fine. I am trying to get all the OU's now. I'm new to LDAP, please let me know if my search query is wrong here. ldap = Net::LDA...
Swaathi Kakarla
1

votes
1

answer
196

Views

LDAP Search String Exclude

I am rewriting a few PowerShell scripts to work in PHP and this one has me stuck. I need to get a list of computers, but exclude those with -NEW and -OLD. Below is how I would think to do it, but when I try that I get ldap_search(): Search: Bad search filter as an error. $LDAP_Search_String = '(&(ob...
Unfundednut
1

votes
1

answer
329

Views

Inconsistent LDAP filter results

I'm attempting to find out if a user is an indirect member of a specific AD group. This is done from a Delphi XE5 program but, for clarity, I have written (and tested) my samples in PowerShell. Unfortunately, I receive completely inconsistent results from my LDAP queries: the same query will sometim...
Stephane
1

votes
1

answer
1.4k

Views

LDAP Query the global catalog

I'm trying to make an LDAP query for get all the user member of a group. The problem is that this group is populated with user from multiple AD domains and I've to get all the members user with a singe query. According to this page I can reach my goal by querying the Global Catalog. ldapsearch -x -W...
Cybergatto
1

votes
2

answer
1.8k

Views

Create shell script for ldapsearch with input file

I have a list of users in a text file. I need to query our campus Active Directory to make sure these users are still 'active' users (my machines are not part of the campus AD). The list of users is mapped to a number of identical attributes on the AD (name, cn, sAMAccountName, uid, gecos). I can su...
stephenswmed
1

votes
1

answer
85

Views

LDAP search returns less objects than expected

I am attempting to pull every user from Active Directory. I am using this method currently: DirectorySearcher search = new DirectorySearcher(); search.Filter = '(objectClass=user)'; foreach (SearchResult result in search.FindAll()) { if(result.Properties['mail'].Count > 0 && result.Prope...
Code
1

votes
1

answer
566

Views

memberOf values from inherited groups and roles / filtering

I'm very new to LDAP and trying to setup inherited model for user logins with access level specific to department, etc. Example schema would look like this: DN: dc=domain,dc=com /cn=people (groupOfNames) /joe (inetOrgPerson) /alex (inetOrgPerson) /nick...
Alex Smirnov
1

votes
1

answer
1.2k

Views

Using PrincipalContext to search LDAP (Active Directory) for all usernames, and their information

I'm having problems with this code... apparently, it works, but is too slow for me, does anyone have any ideas? It slows down when I try to get access the following Dim u As UserPrincipal = UserPrincipal.FindByIdentity(ctx, p.SamAccountName) Again, the following code works just fine, but it's slow a...
TonyW
1

votes
1

answer
132

Views

Ruby LDAP Query Novell eDirectory

I want to connect to Novell eDirectory with Ruby, but I have TimeOut on 'open_connection'. What do you think? require 'net/ldap' ldap = Net::LDAP.new :host => '172.21.45.60', :port => 686, :encrytion => :simple_tls, :auth => { :method => :simple, :username => 'cn=XXX,ou=XXX,ou=XXX,o=XXX', :password...
safernandez666
1

votes
1

answer
365

Views

Get LDAP contacts from two different branches

I need to construct an LDAP search query to get contacts from two different branches, The first branch is: Base dir: CN=Users,dc=core,dc=dir,dc=mycompany,dc=com filter: cn=* The second branch is: base dir: OU=People,OU=eProfile,dc=core,dc=dir,dc=mycompany,dc=com filter: cn=* Each search query on its...
Sarah
1

votes
1

answer
320

Views

How to filter value 1/1/1601 1:00:00 AM of password last set?

I want to print out the password last set values by using 'paswordLastSet' attribute. After implementing some filters as the following: $passwordLS = $user.Properties.Item('pwdLastSet')[0] if($passwordLS -eq 0) { $value = 'No password last set' } else { $value = [DateTime]::FromFileTime($pa...
Ender
1

votes
1

answer
78

Views

How do I query using ldapsearch what LDAP groups are members of other groups?

I'm working with an LDAP installation whose structure is not well documented. I think the tools that are normally used to add entries into it can create nested groups that a reused for assigning multiple permissions to users. By this, I mean: User1 (o=users) -- is member of --> Group1 (o=groups) -...
John
1

votes
1

answer
1.2k

Views

Active Directory: Get all group members

Question: How do I retrieve all group members in a consistent manner? Context: I am retrieving all objects that are either person, group, contact, or computer: Filter = '(|(objectCategory=person)(objectCategory=computer)(objectCategory=group))' I now need to retrieve all members of groups. I have de...
J Weezy
1

votes
1

answer
0

Views

LDAP Filter in DN-String attribute

I am trying to create LDAP Filter that search by part of DN-String in attribute. If I filter with Full string, It works fine, for example: attrName:dn:=full_value But if I search by part of text with *, it is Invalid: attrName:dn:=value* How can I filter a DN-String attribute by part of text?
Bat
1

votes
1

answer
0

Views

Delete User from AD Group

I am trying to delete a user from an Active Directory group via code. Getting the helpful error of: Exception has been thrown by the targe of an invocation' Trace: Stack Trace: at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args) at Active_Directory.RemoveUserFromGrou...
1

votes
3

answer
0

Views

ldap_get_entries returns array with element count=zero

In some situations ldap_get_entries returns array with element count=zero, so I have an array like array('count'=>0) without any further entries. What are the conditions for this to happen? PS: if the OU I am searching in is empty I am getting a different error (Invalid Base DN) if the user doesn't...
Patkos Csaba
1

votes
1

answer
0

Views

Checking User Groups in Perl Net::LDAP

I have a Perl Subversion pre-commit hook that allows me to verify whether or not a user has permissions to change or add to a particular point in a Subversion repository. It uses a Control file that looks like this: [GROUP SERVER] users = bob, ted, carol, alice [GROUP CLIENT] users = tom, dick, harr...
David W.
1

votes
3

answer
0

Views

Findout the LDAP groups in which given uid is belong

I have a little bit knowledge of LDAP. I have organozational structure in LDAP in below format, uid=test.gen,OU=Generics,O=cco.mycomp.com Above uid is part of group 'EF_GROUP' and some other groups also. Now i am only getting leaf note value in my method that is 'test.gen'. So my problem is that i w...
Sharad Ahire
1

votes
2

answer
0

Views

Creating foreign JNDI settings in weblogic and lookup from Java client

Please post if there is any example/steps to configuring external LDAP and execute LDAP queries on it. I tried the following creating Foreign JNDI Providers Created remote and local JNDI names from servlet client, I tried lookup using foreign jndi name, local and remote jndi names Finally lookup wi...
Nageswara Rao
1

votes
1

answer
2.5k

Views

How I use a “NOT” operator in the ldap filter

I use a filter for search a list of user in Active Directory... Here is my filter example: AD.filterung = '(&(objectClass=user)(objectCategory=user)(userAccountControl:1.2.840.113556.1.4.803:=2)(sn=)(|(telephoneNumber=)(mail=))(l=' + Werk + ')(cn=))'; It show me all user with UF_ACCOUNT_DISABLE but...
Tarasov
1

votes
2

answer
7.1k

Views

vbs ldap query issues

i am currently trying to use my small knowledge of scripting to search through ldap find a user based on a variable then get my the displayname for that user. so far i ahve the below and im stuck On Error Resume Next Dim objNetwork Dim userName Set objNetwork = CreateObject('WScript.Network') u...
TLDAN
1

votes
1

answer
3.6k

Views

LDAP extensible match filtering. Exclude groups base on OU text pattern

I have an Active Directory root like: dc=ooo,dc=yyy,dc=xx under this root there are several OUs like: ou=Applications,dc=ooo,dc=yyy,dc=xx ou=PKI,ou=Applications,dc=ooo,dc=yyy,dc=xx ou=Servers,dc=ooo,dc=yyy,dc=xx ou=Location1,ou=Servers,dc=ooo,dc=yyy,dc=xx ou=Department1,dc=ooo,dc=yyy,dc=xx ou=Subdep...
thanili

View additional questions