ldapsearch - Querying Remote Hosts

Here are some basic examples of using ldapsearch to check the functionality of your LDAP server.

By default, OpenLDAP listens to port 389 for unencryted requests and port 636 for SSL requests. On the OpenLDAP server that you want to test you can check you're getting an appropriate response by displaying some LDAP content via local host:

$ ldapsearch -x -D cn=<YourUID>,dc=<SOME>,dc=<DOMAIN> -W

Now display some specific LDAP content:

$ ldapsearch -LLL -x -b dc=<SOME>,dc=<DOMAIN> -D cn=<YourUID>,dc=<SOME>,dc=<DOMAIN> -W uid=<UID>

The ouput from which will look a lot like:

Enter LDAP Password: 
dn: cn=<UID>,dc=<SOME>,dc=<DOMAIN>
cn: <YourFullName>
cn: <YourUID>
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: qmailUser
objectClass: posixAccount
jpegPhoto:: 
…
uidNumber: 2215
givenName: <YourGivenName>
uid: <YourUID)
title: <YourUID>
userPassword:: <YourEncryptedPassword>
mail: <YourEmailAddress>
gidNumber: <YourGID>
displayName: <YourFullName>
mailMessageStore: <YourUID>/
telephoneNumber: <YourPhoneNumber>
physicalDeliveryOfficeName: <YourOffice>
mobile: <YourMobile>
sn: <YourSurname>
homeDirectory: /home/<YourUID>

On your desktop or another server you can check you are getting a response across the network:

$ ldapsearch -H ldaps://<HOSTNAME>.<SOME>.<DOMAIN>/ -x -vvvvvvvv -b dc=<SOME>,dc=<DOMAIN> -D cn=<YourUID>,dc=<SOME>,dc=<DOMAIN> -W

Display some specific LDAP content:

$ ldapsearch -H ldaps://<HOSTNAME>.<SOME>.<DOMAIN>/ -x -vvvvvvvv -LLL -b dc=<SOME>,dc=<DOMAIN> -D cn=<YourUID>,dc=<SOME>,dc=<DOMAIN> -W uid=<TheUID>