Querying Windows Active Directory server using ldapsearch from command line

Question

Can anyone let me know if querying Active Directory server using ldapsearch, ldapadd, ldapdelete, etc. utilities is possible or not?

Answer 1

The short answer is "yes". A sample ldapsearch command to query an Active Directory server is:

ldapsearch \
    -x -h ldapserver.mydomain.com \
    -D "mywindowsuser@mydomain.com" \
    -W \
    -b "cn=users,dc=mydomain,dc=com" \
    -s sub "(cn=*)" cn mail sn

This would connect to an AD server at hostname ldapserver.mydomain.com as user mywindowsuser@domain.com, prompt for the password on the command line and show name and email details for users in the cn=users,dc=mydomain,dc=com subtree.

See Managing LDAP from the Command Line on Linux for more samples. See LDAP Query Basics for Microsoft Exchange documentation for samples using LDAP queries with Active Directory.