ldapsearch command examples with advanced options

The ldapsearch command used to query the required information from LDAP databases. The ldapsearch command can be used on many occasions with different filter statement. Various ldapsearch command examples and use cases with advanced options discussed here.

Note: Replace the password ($PASS) and ROOTDN with your server values. You may need to specify LDAP URI and authentication methods depend upon configuration. Here i am working from LDAP server.

Filter user with UID

Look for the users with given UID value. This command list the users whoever UID set to 20005.

Read More


Network interface name changed to “renamex”

On VMware virtual machine hot added new virtual network interface (NIC). The newly added network interface is of VMXNET3 type. Initially kernel named the new network interface as “eth0”. Post server reboot network interface device name changed from “eth0” to “rename2”. But the other existing network interface name remains same as “eth1”.

[    3.582159] eth0: NIC Link is Up 10000 Mbpsvmware-suse-guest-vmxnet3-nic
[    3.598345] eth1: NIC Link is Up 10000 Mbps
[    3.741375] udev: renamed network interface eth0 to rename2
[  130.435772] bonding: bond0: Adding slave eth1.

Read More


Openldap migrate to TLS/SSL communication

Q. My ldap server currently configured to accept only non-encrypted connections. The server listens to port 389. I want to make my server to accept only TLS/SSL encrypted connections. How to migrate to TLS/SSL communication with very minimal downtime window? Most important is current LDAP directory data should not be disturbed.

Benefits

By upgrading to TLS/SSL encrypted communication we ensure data transferred between LDAP client and server will be encrypted. This is most important when the data travel through untrusted or public network. The normal LDAP communication over TLS/SSL channel specified as “ldaps” (same like https) in URI.

Read More


LDAP TLS negotiation failure error

Q. I am trying to configure LDAP client. Have copied the certificate to client and enabled TLS in pam_ldap.conf. Still the client failed to communicate with LDAP server. At server end found TLS negotiation failure error. How to fix it?

Sep 11 10:35:12 rhel4 slapd[5241]: conn=1130 fd=12 ACCEPT from IP=10.20.31.140:37309 (IP=0.0.0.0:636)
Sep 11 10:35:12 rhel4 slapd[5241]: conn=1130 fd=12 closed (TLS negotiation failure)

Read More