问题
Can anyone let me know if querying Active Directory server using ldapsearch, ldapadd, ldapdelete, etc. utilities is possible or not?
回答1:
The short answer is "yes". A sample ldapsearch command to query an Active Directory server is:
ldapsearch \
-x -h ldapserver.mydomain.com \
-D "mywindowsuser@mydomain.com" \
-W \
-b "cn=users,dc=mydomain,dc=com" \
-s sub "(cn=*)" cn mail sn
This would connect to an AD server at hostname ldapserver.mydomain.com as user mywindowsuser@domain.com, prompt for the password on the command line and show name and email details for users in the cn=users,dc=mydomain,dc=com subtree.
See Managing LDAP from the Command Line on Linux for more samples. See LDAP Query Basics for Microsoft Exchange documentation for samples using LDAP queries with Active Directory.
回答2:
You could query an LDAP server from the command line with ldap-utils: ldapsearch, ldapadd, ldapmodify
回答3:
Yes we can query active directory using ldap utilities. Also we can query AD using java api's jndi as well.
回答4:
Yes you can query any ldap server using ldapsearch provided you have ldap-utils package installed on your system and user which you are using to connect to ldap server already has necessary permissions.
To install ldap-utils on Debian destro
sudo apt install ldap-utils
Refer below links:
Examples of Common ldapsearches
How To Manage and Use LDAP Servers with OpenLDAP Utilities
来源:https://stackoverflow.com/questions/22224465/querying-windows-active-directory-server-using-ldapsearch-from-command-line