uxconsole -ldap Perform LDAP queries in Active Directory

Valid on UNIX
Use this command to perform LDAP queries on Active Directory from a UNIX Authentication Broker endpoint that does not have LDAP installed. Use this command instead of the ldapsearch utility. You can use this command to troubleshoot a UNIX Authentication Broker installation. For example, you can query Active Directory for the container to use.
Verify that you have a Ticket Granting Ticket (TGT) before you use this command. You can obtain a TGT using the command: uxconsole -krb.
The LDAP filter must comply with "RFC 2254".
This command has the following format:
uxconsole -ldap -search -delete [-d DC] [-p port] [-b base] [-s scope] [filter [attributes]]
  • -search
    Specifies the search option.
  • -delete
    Deletes a user from the Active Directory.
  • -d DC
    Specifies the Domain Controller to query.
  • -p port
    Specifies the LDAP port to use.
  • -b base
    Specifies the search base.
  • -s scope
    Specifies the search scope.
    Default: sub
  • filter [attributes]
    Specifies the filter and attributes to use.
    If you do not specify a filter, '(objectClass=*)' is used. If you do not specify any attributes, the select all option ('*') is used.
Example: Display a DSE
The following example shows how you display a DSE:
./uxconsole -ldap -search '(&(objectClass=user)(objectCategory=user))'
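
The RFC 2254 requirement above matters most when the filter is assembled from a variable, for example in a troubleshooting script. The following is an added example, not part of the product documentation: it escapes the characters RFC 2254 reserves inside a value before the value is placed in a filter. The function names, the sAMAccountName lookup and the single cn attribute are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: build an RFC 2254 compliant filter from an untrusted value.

# Escape the characters RFC 2254 reserves inside an assertion value:
#   \ -> \5c   * -> \2a   ( -> \28   ) -> \29
# The backslash is replaced first so later escapes are not escaped again.
# (NUL, the fifth reserved character, cannot occur in a shell variable.)
ldap_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' \
                           -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' \
                           -e 's/)/\\29/g'
}

# Build a filter that matches exactly one account name.
# Refuses an empty name so the filter cannot degrade to a presence match.
build_user_filter() {
    [ -n "$1" ] || return 1
    printf '(&(objectClass=user)(sAMAccountName=%s))' "$(ldap_escape "$1")"
}

# Hypothetical wrapper: query one user and return only the cn attribute.
# Requires a valid TGT (uxconsole -krb) as described above.
lookup_user() {
    filter=$(build_user_filter "$1") || {
        echo "lookup_user: empty account name" >&2
        return 1
    }
    ./uxconsole -ldap -search "$filter" cn
}

# Constructed sample input: without escaping, the parentheses and
# wildcards in this value would change the structure of the filter.
sample='*)(objectClass=*'
printf 'raw value : %s\n' "$sample"
printf 'filter    : %s\n' "$(build_user_filter "$sample")"
```

Quote the resulting filter when it is passed to uxconsole, as lookup_user does, so the shell does not expand or split it.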