Chapter 9. LDAP

Table of Contents

LDAP search example

The Network Security Toolkit can be used as an LDAP testing tool.

LDAP search example

This example uses OpenLDAP's ldapsearch to query an Enterprise Windows 2003 Server's Active Directory for all users.

Search Options Used

-h Win2003AD

LDAP server (Win2003AD)

-x

Use simple authentication instead of SASL

-W

Prompt for the simple authentication password

-D cn=Administrator,cn=Users,dc=lab1,dc=nst,dc=com

Bind to the LDAP server with this distinguished name ("cn=Administrator,cn=Users,dc=lab1,dc=nst,dc=com")

-b cn=Users,dc=lab1,dc=nst,dc=com

Start the search from this branch point in the directory hierarchy ("cn=Users,dc=lab1,dc=nst,dc=com")

-s sub

Use the subtree scope

"cn=*"

Filter that matches all names.

The command, with some of its results:

[root@probe root]# ldapsearch -h Win2003AD -x -W \
-D "cn=Administrator,cn=Users,dc=Lab1,dc=nst,dc=com" \
-b "cn=Users,dc=lab1,dc=nst,dc=com" -s sub "cn=*"

# DnsUpdateProxy, Users, lab1, nst, com
dn: CN=DnsUpdateProxy,CN=Users,DC=lab1,DC=nst,DC=com
objectClass: top
objectClass: group
cn: DnsUpdateProxy
description: DNS clients who are permitted to perform dynamic updates on
 behalf of some other clients (such as DHCP servers).
distinguishedName: CN=DnsUpdateProxy,CN=Users,DC=lab1,DC=nst,DC=com
instanceType: 4
whenCreated: 20030428181251.0Z
whenChanged: 20030428181251.0Z
uSNCreated: 12404
uSNChanged: 12404
name: DnsUpdateProxy
objectGUID:: uEZfx0w/4kyEDQjFdfq6pA==
sAMAccountName: DnsUpdateProxy
sAMAccountType: 268435456
groupType: -2147483646
objectCategory: CN=Group,CN=Schema,CN=Configuration,DC=lab1,DC=nst,DC=com

# Ronald W. Henderson, Users, lab1, nst, com
dn: CN=Ronald W. Henderson,CN=Users,DC=lab1,DC=nst,DC=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Ronald W. Henderson
sn: Henderson
description: Sys Admin
givenName: Ronald
initials: W
distinguishedName: CN=Ronald W. Henderson,CN=Users,DC=lab1,DC=nst,DC=com
instanceType: 4
whenCreated: 20030428185954.0Z
whenChanged: 20030509143500.0Z
displayName: Ronald W. Henderson
uSNCreated: 13905
memberOf: CN=Domain Admins,CN=Users,DC=lab1,DC=nst,DC=com
uSNChanged: 69829
name: Ronald W. Henderson
objectGUID:: BPu+7X0lvUetG1UbAujRYg==
userAccountControl: 66048
badPwdCount: 0
codePage: 0
countryCode: 0
badPasswordTime: 126974068888147426
lastLogoff: 0
lastLogon: 126974069001018408
pwdLastSet: 126969645008608914
primaryGroupID: 513
adminCount: 1
accountExpires: 9223372036854775807
logonCount: 32
sAMAccountName: rwh
sAMAccountType: 805306368
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=lab1,DC=nst,DC=com
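As an added example (not part of the NST documentation), the following Python script parses ldapsearch LDIF output like the listing above and decodes the Active Directory specific values in it: base64 (::) attributes, FILETIME timestamps such as pwdLastSet, and userAccountControl bits. It then flags Domain Admins whose password never expires, which is the case for the rwh account above (66048 = NORMAL_ACCOUNT | DONT_EXPIRE_PASSWORD); the embedded LDIF is an abridged copy of that entry.

```python
import base64
from datetime import datetime, timedelta, timezone
# Abridged copy of the user entry from the ldapsearch output above.
SAMPLE_LDIF = """\
dn: CN=Ronald W. Henderson,CN=Users,DC=lab1,DC=nst,DC=com
objectClass: user
sAMAccountName: rwh
memberOf: CN=Domain Admins,CN=Users,DC=lab1,DC=nst,DC=com
objectGUID:: BPu+7X0lvUetG1UbAujRYg==
userAccountControl: 66048
pwdLastSet: 126969645008608914
accountExpires: 9223372036854775807
"""
UAC_FLAGS = {0x2: "ACCOUNTDISABLE", 0x20: "PASSWD_NOTREQD", 0x200: "NORMAL_ACCOUNT",
             0x10000: "DONT_EXPIRE_PASSWORD", 0x400000: "DONT_REQ_PREAUTH"}
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
NEVER = {0, 0x7FFFFFFFFFFFFFFF}  # accountExpires sentinels meaning "never"

def parse_ldif(text):
    """Parse ldapsearch LDIF into a list of {attr: [values]}; ':: ' marks base64."""
    lines = []
    for raw in text.splitlines():  # unfold continuation lines (leading space)
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entries, entry = [], {}
    for line in lines + [""]:  # the trailing "" flushes the last entry
        if not line and entry:  # a blank line ends an entry
            entries.append(entry)
            entry = {}
        elif line and not line.startswith("#"):
            attr, sep, value = line.partition(":: ") if ":: " in line else line.partition(": ")
            entry.setdefault(attr, []).append(base64.b64decode(value).hex() if sep == ":: " else value)
    return entries

def filetime_to_datetime(ft):  # AD FILETIME: 100 ns ticks since 1601-01-01 UTC; None for "never"
    return None if int(ft) in NEVER else FILETIME_EPOCH + timedelta(microseconds=int(ft) // 10)

def uac_flags(value):  # names of the well-known userAccountControl bits set in value
    return sorted(name for bit, name in UAC_FLAGS.items() if int(value) & bit)

def audit(entries):  # sAMAccountNames of Domain Admins whose password never expires
    hits = []
    for e in entries:
        admin = any(g.startswith("CN=Domain Admins,") for g in e.get("memberOf", []))
        if admin and "DONT_EXPIRE_PASSWORD" in uac_flags(e.get("userAccountControl", ["0"])[0]):
            hits.append(e["sAMAccountName"][0])
    return hits
```

Note that -x together with -W performs a simple bind, which sends the Administrator password in clear text unless the connection uses StartTLS (ldapsearch -ZZ) or an ldaps:// URI.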