Discussion:
how to do search using idsldapsearch/ldapsearch SDS 6.3.1
(too old to reply)
Claus Holmelin Hoyer
2016-07-27 09:28:32 UTC
Permalink
Hi.

Since fairly new to IBM Security Directory Server, I do a lot of stuff using the IBM Security Directory Server Web Administration Tool.
Here I place a search (under Directory management -> Find entries)

Simple
Find entries with the following object class.
top

Narrow the simple search by specifying an additional parameter.
Attribute
uid

Is equal to
*

Which I think gives me the complete list of all UID's

How do I make the same seach using ldapsearch/idsldapsearch?

Thanks in advance.
Claus.
Franz Wolfhagen
2016-07-29 07:20:04 UTC
Permalink
Post by Claus Holmelin Hoyer
Hi.
Since fairly new to IBM Security Directory Server, I do a lot of stuff using the IBM Security Directory Server Web Administration Tool.
Here I place a search (under Directory management -> Find entries)
Simple
Find entries with the following object class.
top
Narrow the simple search by specifying an additional parameter.
Attribute
uid
Is equal to
*
Which I think gives me the complete list of all UID's
How do I make the same seach using ldapsearch/idsldapsearch?
Thanks in advance.
Claus.
It is really seldom that we see activity here in this forum - that really deserves a decent answer.... :-)

First - I will recommend a good ldap learning site - it is based on openldap so there will be some minor differences (in the areas where the ldap protocol is not covering - e.g. group membership) : http://zytrax.com/books/ldap/

Second - here is the link to the IBM Official documentation for the (ids)ldapsearch command : http://www.ibm.com/support/knowledgecenter/en/SSVJJU_6.3.1/com.ibm.IBMDS.doc_6.3.1/concept/c_cr_clientutils.html

Now - to the actual question :

ldapsearch -h <your host> -p <your port> -b <your base> -D <bind DN> -w <password> uid=*

host is optional - if you are on the server it defaults to localhost - same goes for port which defaults to the ldap standard port 389.

The base should be the suffix (e.g. o=mycompany,c=dk) - in the general case is just where in the ldap tree you want you search to start (-s is used to set whether you want to use subtree search (default) of base/onelevel).

The bind dn is your login user - cn=root is the root user (and should not be used in the general case).

But read the zytrax guide - and let us know if you need more assistance :-)

HTH
Regards
Franz Wolfhagen
Claus Holmelin Hoyer
2016-08-31 09:32:35 UTC
Permalink
Post by Franz Wolfhagen
Post by Claus Holmelin Hoyer
Hi.
Since fairly new to IBM Security Directory Server, I do a lot of stuff using the IBM Security Directory Server Web Administration Tool.
Here I place a search (under Directory management -> Find entries)
Simple
Find entries with the following object class.
top
Narrow the simple search by specifying an additional parameter.
Attribute
uid
Is equal to
*
Which I think gives me the complete list of all UID's
How do I make the same seach using ldapsearch/idsldapsearch?
Thanks in advance.
Claus.
It is really seldom that we see activity here in this forum - that really deserves a decent answer.... :-)
First - I will recommend a good ldap learning site - it is based on openldap so there will be some minor differences (in the areas where the ldap protocol is not covering - e.g. group membership) : http://zytrax.com/books/ldap/
Second - here is the link to the IBM Official documentation for the (ids)ldapsearch command : http://www.ibm.com/support/knowledgecenter/en/SSVJJU_6.3.1/com.ibm.IBMDS.doc_6.3.1/concept/c_cr_clientutils.html
ldapsearch -h <your host> -p <your port> -b <your base> -D <bind DN> -w <password> uid=*
host is optional - if you are on the server it defaults to localhost - same goes for port which defaults to the ldap standard port 389.
The base should be the suffix (e.g. o=mycompany,c=dk) - in the general case is just where in the ldap tree you want you search to start (-s is used to set whether you want to use subtree search (default) of base/onelevel).
The bind dn is your login user - cn=root is the root user (and should not be used in the general case).
But read the zytrax guide - and let us know if you need more assistance :-)
HTH
Regards
Franz Wolfhagen
Hi Franz

Sorry for the late reply, but I have enjoyed a long well deserved vacation :-)

Your solution worked fine, - the base I set to DC=company,DC=lan (lan we use in non-production environments) and the search found all UID entries.

Best Regards
Claus Holmelin Hoyer
Franz Wolfhagen
2016-09-01 08:52:10 UTC
Permalink
Post by Claus Holmelin Hoyer
Post by Franz Wolfhagen
Post by Claus Holmelin Hoyer
Hi.
Since fairly new to IBM Security Directory Server, I do a lot of stuff using the IBM Security Directory Server Web Administration Tool.
Here I place a search (under Directory management -> Find entries)
Simple
Find entries with the following object class.
top
Narrow the simple search by specifying an additional parameter.
Attribute
uid
Is equal to
*
Which I think gives me the complete list of all UID's
How do I make the same seach using ldapsearch/idsldapsearch?
Thanks in advance.
Claus.
It is really seldom that we see activity here in this forum - that really deserves a decent answer.... :-)
First - I will recommend a good ldap learning site - it is based on openldap so there will be some minor differences (in the areas where the ldap protocol is not covering - e.g. group membership) : http://zytrax.com/books/ldap/
Second - here is the link to the IBM Official documentation for the (ids)ldapsearch command : http://www.ibm.com/support/knowledgecenter/en/SSVJJU_6.3.1/com.ibm.IBMDS.doc_6.3.1/concept/c_cr_clientutils.html
ldapsearch -h <your host> -p <your port> -b <your base> -D <bind DN> -w <password> uid=*
host is optional - if you are on the server it defaults to localhost - same goes for port which defaults to the ldap standard port 389.
The base should be the suffix (e.g. o=mycompany,c=dk) - in the general case is just where in the ldap tree you want you search to start (-s is used to set whether you want to use subtree search (default) of base/onelevel).
The bind dn is your login user - cn=root is the root user (and should not be used in the general case).
But read the zytrax guide - and let us know if you need more assistance :-)
HTH
Regards
Franz Wolfhagen
Hi Franz
Sorry for the late reply, but I have enjoyed a long well deserved vacation :-)
Your solution worked fine, - the base I set to DC=company,DC=lan (lan we use in non-production environments) and the search found all UID entries.
Best Regards
Claus Holmelin Hoyer
Glad to be of service :-) - especially for a local customer :-)

If you run into further problem do not hesitate to ask here...

Regards
Franz Wolfhagen
krishna priya B
2017-01-13 15:20:55 UTC
Permalink
ldapsearch -p [port] -D "cn=root" -w [password] -b "dc=ABC,dc=gov" -s base objectclass=* numsubordinates

ldapsearch -p [port] -D [admin_uid] -w [admin_password] -b ou=users,DC=ABC,DC=GOV -s base objectclass=* numsubordinates

ldapsearch -h [ip_address] -b "ou=users,DC=ABS,DC=GOV" "sn=pathak" ldapentrycount


ldapsearch -h [ip_address]-b "ou=users,DC=ABC,DC=GOV" -s sub "objectclass=*"
ldapsearch -h [ip_address]-b "ou=users,DC=ABC,DC=GOV" "cn=krishna priya" cn sn
Loading...