uxconsole -ldap Perform LDAP queries in Active Directory
Valid on UNIX
capamsc141
Valid on UNIX
Use this command to perform LDAP queries on Active Directory from a UNIX Authentication Broker endpoint that does not have LDAP installed. Use this command instead of the ldapsearch utility. You can use this command to troubleshoot UNIX Authentication Broker installation, For example, you can query Active Directory for the container to use.
Verify that you have a Ticket Granting Ticket (TGT) before you use this command. You can obtain a TGT using the command: uxconsole -krb.
The LDAP filter must comply with "RFC 2254".
This command has the following format:
uxconsole -ldap -search -delete [-d DC] [-p port] [-b base] [-s scope] [filter [attributes]]
- -searchSpecifies the search option
- -deleteDeletes a user from the Active Directory.
- -dDCSpecifies the Domain Controller to query
- -pportSpecifies the LDAP port to use
- -bbaseSpecifies the search base
- -s scopeSpecifies the search scopeDefault: sub
- filter[attributes]Specifies the filter and attributes to useIf you do not specify a filter, the '(objectClass=*) is used. If you do not specify any attributes, the select all option ('*') is used.
Example: Display a DSE
The following examples shows how you display a DSE:
./uxconsole -ldap -search '(&(objectClass=user) (objectCategory=user) )'