misc_scripts/ldap_basic/README.md

# Basic LDAP operations  

These scripts act as shortcuts for frequently used `openldap` commands or operations. Specifying the `dn`, password, host address, etc. in a script eliminates the need to type them every time you have to do something.  
Keep the scripts and credentials away from unauthorized personnel. Use at your own risk.  

## Common openldap commands and options  

It is necessary to understand these basic commands  
- `ldapsearch`: Search for entries in the directory  
- `ldapadd`: Add entries to the directory  
- `ldapmodify`: Modify entries in the directory  
- `ldapvi`: A program to edit enties using your text-editor  

You will have to modify these fields in the scripts:  
- `-H`: Host ip-address or url: `ldap://192.12.34.123/`, `ldaps://ldap.example.com/`  
- `-D`: Bind DN: `cn=ldapadmin,dc=example,dc=com`  
- `-w`: Bind password: `-wS3cretP4$$w0rd` or `-w S3cretP4$$w0rd`  
- `-b`: Search base: `dc=example,dc=com`  
- `-f`: File: The `.ldif` file with the `ldif` data to add or modify an entry  

Command examples:  
```bash
ldapsearch -D cn=ldapadmin,dc=example,dc=com -w Y0ur4dm!nPwd -H ldap://ldap.example.com/ -b dc=example,dc=com uid=tomsawyer  
```  
```bash
ldapadd -D cn=ldapadmin,dc=example,dc=com -w Y0ur4dm!nPwd -H ldap://192.12.34.123/ -f testuser.ldif  
```  

Refer the openldap man pages or documentations for more information including full lists of options and argumenst for each command, syntax for `ldif` files, ldap filters, `oid` and attributes, etc.  

## Script usage  

[ldapsearch.sh](ldapsearch.sh): Search entries by any attribute  
```bash
bash ldapsearch.sh uid=tomsawyer    # Takes any number of arguments  
```  
[ldapadd.sh](ldapadd.sh): Add entries from ldif file  
```bash
bash ldapadd.sh filename.ldif   # Takes 1 filename as argument  
```  
[ldapmodify.sh](ldapmodify.sh): Modify entries with info from ldif file  
```bash
bash ldapmodify.sh filename.ldif    # Takes 1 filename as argument  
```