Articles in this section

How to list ldap users and groups using ldapsearch?

Lucien

Context

The ldapsearch command can be used to validate the aerospike ldap setup and get a list of ldap users and roles.

Method

a) List all group and users:

ldapsearch -x -b dc=field,dc=aerospike,dc=com -D "cn=admin,dc=field,dc=aerospike,dc=com" -w admin

b) List a specific user identified by uid:

ldapsearch -x -b dc=field,dc=aerospike,dc=com -D "cn=admin,dc=field,dc=aerospike,dc=com" -w admin '(uid=aerospike)'

output:

# extended LDIF
#
# LDAPv3
# base <dc=field,dc=aerospike,dc=com> with scope subtree
# filter: (uid=aerospike)
# requesting: ALL
#

# aerospike, People, field.aerospike.com
dn: uid=aerospike,ou=People,dc=field,dc=aerospike,dc=com
objectClass: top
objectClass: account
objectClass: posixAccount
objectClass: shadowAccount
cn: aerospike
uid:: YmFkd2FuIA==
uidNumber: 1001
gidNumber: 1001
homeDirectory: /home/aerospike
loginShell: /bin/bash
gecos:: YmFkd2FuIA==
userPassword:: YWVyb3NwaWtl
shadowLastChange: 0
shadowMax: 0
shadowWarning: 0

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

c) List a specific role/group identify by memberUid:

ldapsearch -x -b dc=field,dc=aerospike,dc=com -D "cn=admin,dc=field,dc=aerospike,dc=com" -w admin '(memberUid=aerospike)'

output:

ldapsearch -x -b dc=field,dc=aerospike,dc=com -D "cn=admin,dc=field,dc=aerospike,dc=com" -w admin '(memberUid=aerospike)'
# extended LDIF
#
# LDAPv3
# base <dc=field,dc=aerospike,dc=com> with scope subtree
# filter: (memberUid=aerospike)
# requesting: ALL
#

# read-write-udf, field.aerospike.com
dn: cn=read-write-udf,dc=field,dc=aerospike,dc=com
objectClass: top
objectClass: posixGroup
gidNumber: 680
cn: read-write-udf
memberUid:: YmFkd2FuIA==

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

 

Applies To Earliest Version

Pre 4.9

Applies To Latest Version

Current Version
Was this article helpful?
0 out of 0 found this helpful