Syntax for looking up user information from a non-bound LDAP directory.

SearchLDAP Examples.sh

#!/bin/sh

# -H = LDAP URI
# -x = use simple authentication instead of SASL
# -b = search base
# -D = user principal name (UPN) of authenticating user
# -w = password of authenticating user


# look up a user's manager's distinguished name

/usr/bin/ldapsearch -H ldap://192.168.5.250:389 -x -b 'cn=users,dc=talkingmoose,dc=pvt' -D 'mmoose@talkingmoose.pvt' -w 'P@55w0rd' cn="Martin Moose" manager | /usr/bin/grep 'manager:' | /usr/bin/awk -F ": " '{ print $2 }'


<<RESULTS
-----------------------------------------------------------------
    CN=Clark Griswold,CN=Users,DC=talkingmoose,DC=pvt
-----------------------------------------------------------------
RESULTS


# look up manager's email address

/usr/bin/ldapsearch -H ldap://192.168.5.250:389 -x -b 'cn=users,dc=talkingmoose,dc=pvt' -D 'mmoose@talkingmoose.pvt' -w 'P@55w0rd' distinguishedName='CN=Clark Griswold,CN=Users,DC=talkingmoose,DC=pvt' mail | /usr/bin/grep 'mail:' | /usr/bin/awk '{ print $2 }'


<<RESULTS
-----------------------------------------------------------------
    cgriswold@talkingmoose.net
-----------------------------------------------------------------
RESULTS

exit 0