LDAP/Active Directory troubleshooting via ldapsearch command
This article provides some examples for how to verify connectivity to your ldap (or Active Directory) server
Use ldapsearch command
From the Metric Insights linux command line, you can issue ldap queries via ldapsearch command line tool.
1. ldapsearch - get all users
$ ldapsearch -xLLL -H ldaps://<ldap server> -b 'ou=People,dc=metricinsights,dc=com' dn: ou=people,dc=metricinsights,dc=com
ou: people
objectClass: organizationalUnit dn: uid=testuser1,ou=people,dc=metricinsights,dc=com
uid: testuser1
uidNumber: 1002
gidNumber: 1000
cn: testuser1
sn: Test1
objectClass: top
objectClass: person
objectClass: posixAccount
objectClass: shadowAccount
loginShell: /bin/bash
homeDirectory: /home/testuser1 dn: uid=testuser3,ou=people,dc=metricinsights,dc=com
uid: testuser3
uidNumber: 1001
gidNumber: 1000
cn: testuser3
sn: Test3
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
loginShell: /bin/bash
homeDirectory: /home/testuser
givenName: Test3
mail: [email protected] 2. ldapsearch - get specific user
$ ldapsearch -xLLL -H ldaps://<ldap server> -b 'ou=People,dc=metricinsights,dc=com' '(uid=testuser1)' dn: uid=testuser,ou=people,dc=metricinsights,dc=com
uid: testuser1
uidNumber: 1001
gidNumber: 1000
cn: testuser1
sn: Test1
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
loginShell: /bin/bash
homeDirectory: /home/testuser
givenName: Tester
mail: [email protected] 3. ldapsearch - provide credentials to access ldap server
ldapsearch -xLLL -H ldaps://<ldap server> -D '<ldap credentials username>' -W -b 'CN=Users,DC=metricinsights,DC=com' 'samaccountname=tester1'