misc_scripts/ldap_basic/README.md

Basic LDAP operations

These scripts are shortcuts for frequently used OpenLDAP commands. Putting the bind DN, password, host address and so on in a script means you do not have to type them every time you need to do something.
Because the scripts embed credentials, keep them readable only by their owner (for example mode 0700) and away from unauthorized personnel. A password given with -w is also visible to every local user in the process list and in your shell history, so prefer -W (prompt for the password) or -y with a password file readable only by you where practical. Use at your own risk.

Common openldap commands and options

It is necessary to understand these basic commands:

  • ldapsearch: Search for entries in the directory
  • ldapadd: Add entries to the directory
  • ldapmodify: Modify entries in the directory
  • ldapvi: A separate program (not part of OpenLDAP) that lets you edit entries in your text editor

You will have to modify these fields in the scripts:

  • -H: LDAP URI of the server, by IP address or hostname: ldap://192.12.34.123/, ldaps://ldap.example.com/ (ldaps:// or -ZZ for StartTLS keeps the bind password off the wire)
  • -D: Bind DN: cn=ldapadmin,dc=example,dc=com
  • -w: Bind password: -wS3cretP4$$w0rd or -w S3cretP4$$w0rd. Single-quote it if it contains shell metacharacters such as $ or !, e.g. -w 'S3cretP4$$w0rd', otherwise the shell expands $$ to its process ID before ldapsearch ever sees it
  • -b: Search base: dc=example,dc=com
  • -f: File: the .ldif file with the LDIF data to add or modify an entry

Command examples (-x selects simple authentication; without it the tools attempt a SASL bind rather than binding as the given DN):

ldapsearch -x -D cn=ldapadmin,dc=example,dc=com -w 'Y0ur4dm!nPwd' -H ldap://ldap.example.com/ -b dc=example,dc=com '(uid=tomsawyer)'
ldapadd -x -D cn=ldapadmin,dc=example,dc=com -w 'Y0ur4dm!nPwd' -H ldap://192.12.34.123/ -f testuser.ldif

Refer to the OpenLDAP man pages (ldapsearch(1), ldapadd(1), ldapmodify(1)) or documentation for more information, including the full list of options and arguments for each command, LDIF syntax, LDAP search filters, OIDs and attributes, etc.

Script usage

ldapsearch.sh: Search entries by any attribute

bash ldapsearch.sh uid=tomsawyer    # Takes any number of arguments  

ldapadd.sh: Add entries from ldif file

bash ldapadd.sh filename.ldif   # Takes 1 filename as argument  

ldapmodify.sh: Modify entries with info from ldif file

bash ldapmodify.sh filename.ldif    # Takes 1 filename as argument