Category Archives: OpenLDAP

Return results from LDAP without a line wrap (attribute)

Posted on by
Reply

Problem

You have an attribute in LDAP that might be a long line (ie a json array that contains many records like logins for example)

loginHistory: [{"lastLoginDate":"20250107094531.782Z","loginModule":"1"},{"lastLoginDate":"20241202075005.298Z","loginModule":"1"},{"lastLoginDate":"20241129143412.785Z","loginModule":"1"},{"lastLoginDate":"20241129103347.029Z","loginModule":"1"},{"lastLoginDate":"20240920105718.171Z","loginModule":"2"}]

But you want to return it in one line for further processing (ie counting the number of times in a year).

Solution

You can use the -o ldif_wrap=no option in your ldapsearch like 

ldapsearch -LLL -H "ldaps://ldap.com:1636" -o ldif_wrap=no -D "cn=User" -w $LDP -b "ou=people,dc=domain,dc=com" -s sub "(mail=usernname@domain.com)" uid loginHistory

Suppressing empty output lines when using ldapsearch

Posted on by
Reply

Problem

You want to use ldapsearch to search from a file (file contains domains and ldap contains emails), but you want to suppress empty output lines (option -LLL does not seem to suppress them).

Solution

Use grep -v ‘^$’ like

ldapsearch -LLL -H "ldaps://ldap_url:nnnn" -D "cn=Directory Manager" -w $LDP -b "ou=ou_name,dc=domain,dc=com" -s sub -f denyDomains.txt  "(mail=*@%s)" uid mail status | grep -v '^$' > denyDomainsResults.txt