ldapsearch -h odm.krypted.com -x -b 'dc=odm,dc=krypted,dc=com' 'uid=diradmin'
ldapsearch -h odm.krypted.com -x -b 'cn=users,dc=odm,dc=krypted,dc=com' 'uid=diradmin'
You can also search for items in a different cn. Let’s look in computers for any computer with a specific MAC address:
ldapsearch -h odm.krypted.com -x -b 'cn=computers,dc=odm,dc=krypted,dc=com' 'macAddress=00:00:00:00:00:00'
Or by hostname:
ldapsearch -h odm.krypted.com -x -b 'cn=computers,dc=odm,dc=krypted,dc=com' 'Hostname=someclient.krypted.com'
When I’m troubleshooting latency issues, I’ll often automate a query for a known element in a directory service and use the -l option, whose parameter is the number of seconds the search is allowed to take to complete. It’s a quick and dirty latency check (you could also time a query). Also, if you aren’t running LDAP on the default port (389), you can specify a port using the -p option. The -x option sorts results on servers. If the server is fairly taxed it might be better to have a client sort the results, but if not then it’s always going to be faster to sort server-side. You can use the -z option to limit the number of results to a finite set. Finally, you can choose to export results into LDIF. Using one -L uses LDIF v1, two (-LL) uses LDIF and disables comments, while three (-LLL) also disables printing of the LDIF version, meaning the results can be redirected into an actual LDIF file:
ldapsearch -LLL -h odm.krypted.com -b 'cn=users,dc=odm,dc=krypted,dc=com' > kryptedusers.ldif
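The quick latency check described above, written out as an added example that is not from the original post: it queries for one known entry with -l and -z 1 and classifies the answer. The function name ldap_probe, the LDAPSEARCH override variable and the 2-second warning threshold are assumptions; exit statuses 3 and 4 are the LDAP result codes for time limit and size limit exceeded, which OpenLDAP's ldapsearch returns as its exit status.

```bash
#!/usr/bin/env bash
# Added example: latency probe around ldapsearch using -l (time limit).
# LDAPSEARCH may be overridden, e.g. to point at a different binary (assumption).
LDAPSEARCH=${LDAPSEARCH:-ldapsearch}

# Usage: ldap_probe HOST BASE FILTER [TIME_LIMIT_SECS] [WARN_SECS]
# Prints "<state> <elapsed_seconds>"; state is ok, slow, missing, timeout or error.
# Returns 0 only when the known entry came back quickly.
ldap_probe() {
  local host base filter limit warn start elapsed out rc state
  host=$1; base=$2; filter=$3
  limit=${4:-5}   # passed to -l: seconds the search may take
  warn=${5:-2}    # hypothetical threshold for "slow but answered"
  start=$(date +%s)
  # Same -h/-x/-b form as the queries above; -z 1 stops after one entry,
  # and the attribute list "1.1" asks for the DN only.
  out=$("$LDAPSEARCH" -LLL -x -h "$host" -b "$base" -l "$limit" -z 1 \
        "$filter" 1.1 2>/dev/null) && rc=0 || rc=$?
  elapsed=$(( $(date +%s) - start ))
  case $rc in
    0|4)  # 4 = size limit exceeded: more than one match, but the server answered
      if [ -z "$out" ]; then state=missing
      elif [ "$elapsed" -ge "$warn" ]; then state=slow
      else state=ok
      fi ;;
    3) state=timeout ;;  # 3 = time limit exceeded (the -l value was hit)
    *) state=error ;;    # bind failure, server unreachable, bad base, ...
  esac
  echo "$state $elapsed"
  [ "$state" = ok ]
}

# Example call (needs a reachable directory):
#   ldap_probe odm.krypted.com 'cn=users,dc=odm,dc=krypted,dc=com' 'uid=diradmin' 5 2
```

A "missing" result for an entry that should exist is worth alerting on separately from "slow" or "timeout", since it points at replication or data problems rather than load.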