ldapsearch with username and password

jack · Mar 16, 2017 · Viewed 52.2k times

Here is my LDAP ORG Structure:

LDAP ORG Structure

I created a user with a first name, last name and password. But it is not working when I am trying to connect using JDBC. The error says invalid credentials. Then I tried ldapsearch as follows:

I followed this process for users and group creation:

root@ip:/home# ldapwhoami
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
    additional info: SASL(-13): user not found: no secret in database

root@ip:/# ldapsearch -x -LLL -h ip -D username -w password -b"cn=admin,dc=ivhdev,dc=local" -s sub "(objectClass=*)" "givenName=username*"
ldap_bind: Invalid DN syntax (34)
    additional info: invalid DN

Please suggest/correct me if I am passing the right info in DN syntax. I am unable to validate the user credentials with their name and password.

Answer

anacron · Mar 17, 2017

The -D option takes the DN for logging in to your LDAP server.

The -b option takes the search base in your LDAP tree where you want to search for the user's given name.

So, your ldapsearch command becomes:

ldapsearch -x -LLL -h ip -D 'cn=admin,dc=ivhdev,dc=local' -w password -b 'dc=users,dc=local' -s sub '(objectClass=*)' 'givenName=username*'
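
A search-then-bind check for the asker's goal of validating a user's name and password, as an added example that is not part of the original answer: it looks up the entry's DN with the admin bind, then binds as that DN. The function names, the `-H` URI form and the password-file argument are assumptions; the filter is passed as a single argument because ldapsearch treats arguments after the filter as attribute names to return.

```shell
#!/bin/sh
# Added example. Host URI, DNs and the password file path are placeholders.

# Escape a value for use inside a search filter (RFC 4515), so that a name
# containing * ( ) or \ is matched literally instead of changing the filter.
ldap_escape_filter() {
    printf '%s' "$1" |
        sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Minimal sanity check: a DN contains at least one attr=value pair.
# A bare login name passed to -D is what produced "Invalid DN syntax (34)".
looks_like_dn() {
    case "$1" in
        *=*) return 0 ;;
        *)   return 1 ;;
    esac
}

# $1 LDAP URI, $2 admin bind DN, $3 file holding the admin password (no newline),
# $4 search base DN, $5 given name to look up
check_user() {
    looks_like_dn "$2" || { echo "-D needs a DN, got: $2" >&2; return 2; }
    looks_like_dn "$4" || { echo "-b needs a DN, got: $4" >&2; return 2; }
    filter="(givenName=$(ldap_escape_filter "$5"))"
    # -y reads the password from a file, keeping it out of argv and shell history.
    # 1.1 requests no attributes, so only the dn: line of each entry is returned.
    dns=$(ldapsearch -x -LLL -o ldif-wrap=no -H "$1" -D "$2" -y "$3" \
              -b "$4" -s sub "$filter" 1.1 | sed -n 's/^dn: //p')
    [ -n "$dns" ] || { echo "no entry matches $filter" >&2; return 1; }
    # Refuse to authenticate when the name is ambiguous.
    [ "$(printf '%s\n' "$dns" | grep -c '')" -eq 1 ] ||
        { echo "more than one entry matches $filter" >&2; return 1; }
    # Bind as the user's own DN; -W prompts for the password.
    ldapwhoami -x -H "$1" -D "$dns" -W
}
```

Simple binds (`-x`) send the password unencrypted over `ldap://`, so point the URI at `ldaps://` or add `-ZZ` to require StartTLS.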