From 758b73a9fbd3ce25afd8577995d1c1c73759a491 Mon Sep 17 00:00:00 2001 From: Marisa Date: Thu, 18 Sep 2025 11:44:41 -0400 Subject: [PATCH] Update README.md --- README.md | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/README.md b/README.md index 1286d43..dbcb04c 100644 --- a/README.md +++ b/README.md 
@@ -160,5 +160,57 @@ dn: uid=marisa,ou=Engineering,dc=example,dc=com mail: marisa.kirisame@example.com ``` +### _Query a LDAP directory as a user_ + +we already created the user (_uid_) marisa, and established the user's own password using slappasswd\ +now we are gonna query our LDAP server using the user (_uid_) marisa credentials, and _the password we entered during slappasswd, called plain password_ +``` +root@example:/etc/ldap# ldapsearch -D uid=marisa,ou=Supergirls,dc=example,dc=com -b "dc=example,dc=com" -w plainpasswd +# extended LDIF +# +# LDAPv3 +# base with scope subtree +# filter: (objectclass=*) +# requesting: ALL +# + +# example.com +dn: dc=example,dc=com +objectClass: top +objectClass: dcObject +objectClass: organization +o: nodomain +dc: example + +# Supergirls, example.com +dn: ou=Supergirls,dc=example,dc=com +... +``` + +we can narrow this search to get only specific attributes of the user marisa, remember we are using _the plainpasswd when asked_ +``` +root@example:/etc/ldap# ldapsearch -D uid=marisa,ou=Supergirls,dc=example,dc=com -b "dc=example,dc=com" -w plainpasswd givenName uidNumber gidNumber homeDirectory +# extended LDIF +# +# LDAPv3 +# base with scope subtree +# filter: (objectclass=*) +# requesting: givenName uidNumber gidNumber homeDirectory +# + +# example.com +dn: dc=example,dc=com + +# Supergirls, example.com +dn: ou=Supergirls,dc=example,dc=com + +# marisa, Supergirls, example.com +dn: uid=marisa,ou=Supergirls,dc=example,dc=com +givenName: Marisa +uidNumber: 1001 +gidNumber: 5000 +homeDirectory: /home/marisa +``` + ldapsearch -D uid=marisa,ou=Supergirls,dc=example,dc=com -b "dc=example,dc=com" -w qwerty ldappasswd -H ldap://server_domain_or_IP -x -D "cn=admin,dc=example,dc=com" -W -S "uid=bob,ou=people,dc=example,dc=com" \ No newline at end of file
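Review bot: Both new ldapsearch examples, and the unfenced `ldapsearch ... -w qwerty` line at the end of the hunk, put the bind password on the command line with `-w`, which leaves it in shell history and visible in the process list to other local users. Since the README is teaching the pattern, show `-W` (prompt for the password) or `-y <passwdfile>` with a file readable only by the user instead. That would also match the prose, which says the password is entered "when asked" although `-w` never prompts. The last two added lines (`ldapsearch ... -w qwerty` and the `ldappasswd` command) sit outside any code fence with no explanatory text and read like leftover notes, so either fence and describe them or drop them, and add the missing newline at end of file. The new examples bind as `uid=marisa,ou=Supergirls,dc=example,dc=com` while the context line just above the hunk shows `dn: uid=marisa,ou=Engineering,dc=example,dc=com`, so the two sections should be reconciled to one OU. Finally, the `ldappasswd` line uses `-x` and `-H ldap://...` but the ldapsearch examples use neither; state the bind method and server URI consistently, and note that a simple bind over plain `ldap://` sends the password unencrypted unless StartTLS (`-ZZ`) or `ldaps://` is used.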