Tag Archives: ldapsearch

Return results from LDAP without a line wrap (attribute)

Posted on by
Reply

Problem

You have an attribute in LDAP that might be a long line (ie a json array that contains many records like logins for example)

loginHistory: [{"lastLoginDate":"20250107094531.782Z","loginModule":"1"},{"lastLoginDate":"20241202075005.298Z","loginModule":"1"},{"lastLoginDate":"20241129143412.785Z","loginModule":"1"},{"lastLoginDate":"20241129103347.029Z","loginModule":"1"},{"lastLoginDate":"20240920105718.171Z","loginModule":"2"}]

But you want to return it in one line for further processing (ie counting the number of times in a year).

Solution

You can use the -o ldif_wrap=no option in your ldapsearch like 

ldapsearch -LLL -H "ldaps://ldap.com:1636" -o ldif_wrap=no -D "cn=User" -w $LDP -b "ou=people,dc=domain,dc=com" -s sub "(mail=usernname@domain.com)" uid loginHistory

LDAP search using a file as input

Posted on by
Reply

Problem

You would like to do a search for a specific LDAP attribute (ie email) using a file (emails.txt) with the list of emails you want to search for.

Solution

After exporting the password (LDP) you can use the following to do the search and output the results into a file (search_results.txt)

ldapsearch -LLL _H "ldaps://ldap_url:port" -D "cn=User_name" -w $LDP -b "ou=ou_name,dc=dc_name,dc=domain_name" -s sub -f emails.txt "(mail_attribute=%s)" uid mail_attribute other_attribute > search_results.txt