How-To: Test Connectivity to All LDAP Servers

This guide provides a script to test the connectivity to all LDAP servers in your environment.

  1. Create and Run the Script:

    Copy and paste the following script into your terminal or save it as a shell script (e.g., test_ldap_servers.sh):

    # List every host entry that offers the LDAP service, one attribute per line.
    univention-ldapsearch -LLLo ldif-wrap=no univentionService=LDAP cn associatedDomain |
    while IFS=': ' read -r k v
    do
      case "$k" in
        cn) h=$v ;;
        associatedDomain) d=$v ;;
        '')
          # A blank line ends an entry: bind to that server over StartTLS (-ZZ) as this host.
          ldapsearch -LLL -o ldif-wrap=no -ZZ -D "$(ucr get ldap/hostdn)" -y /etc/machine.secret -h "$h.$d" -p 7389 -s base -b "$(ucr get ldap/hostdn)" dn >/dev/null || echo "FAILED: $h.$d"
          h= d=
          ;;
      esac
    done
    
  2. Explanation of the Script:

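    • The script starts by using univention-ldapsearch to retrieve every host entry that provides the LDAP service (univentionService=LDAP).
    • It reads the output line by line, extracting the common name (cn) and associated domain (associatedDomain) of each entry.
    • For each pair of cn and associatedDomain, it runs ldapsearch against <cn>.<associatedDomain> on port 7389, requiring StartTLS (-ZZ) and binding as the local host account (ldap/hostdn) with the password from /etc/machine.secret.
    • If the connection, the TLS handshake or the bind fails, it prints a message indicating which server failed.

  3. Run the Script: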

    Execute the script in your terminal:

    bash test_ldap_servers.sh
    
  4. Check Results:

    • The script will output “FAILED: <hostname>.<domain>” for each LDAP server it could not connect to.
    • If no failures are reported, all LDAP servers are reachable.
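
The same check split into testable functions, as an added example that is not part of the original guide. It goes slightly beyond the guide's script: incomplete entries are skipped and the exit status reports failures. The function names (ldif_to_fqdns, probe_ldap, check_servers, stub_probe) and the example.test hosts are made up for illustration.

```shell
# Added example, not from the original guide. Function names are hypothetical.

# Turn LDIF on stdin (as printed by univention-ldapsearch -LLL) into one FQDN
# per entry; entries missing cn or associatedDomain are skipped.
ldif_to_fqdns() {
  local k v h= d=
  while IFS=': ' read -r k v || [ -n "$k" ]; do
    case "$k" in
      cn) h=$v ;;
      associatedDomain) d=$v ;;
      '') [ -n "$h" ] && [ -n "$d" ] && echo "$h.$d"   # blank line ends an entry
          h= d= ;;
    esac
  done
  # Emit the last entry when the input does not end with a blank line.
  [ -n "$h" ] && [ -n "$d" ] && echo "$h.$d"
  return 0
}

# The guide's test: StartTLS required (-ZZ), bind as this host's machine account.
probe_ldap() {
  ldapsearch -LLL -o ldif-wrap=no -ZZ -D "$(ucr get ldap/hostdn)" \
    -y /etc/machine.secret -h "$1" -p 7389 -s base \
    -b "$(ucr get ldap/hostdn)" dn >/dev/null
}

# Run probe command $1 against each FQDN on stdin. Prints failures and returns 1
# if any server failed, so cron or a monitoring check can act on the status.
check_servers() {
  local probe=$1 fqdn rc=0
  while read -r fqdn; do
    # </dev/null keeps the probe from consuming the rest of the host list.
    "$probe" "$fqdn" </dev/null || { echo "FAILED: $fqdn"; rc=1; }
  done
  return "$rc"
}

# Constructed sample input (made-up hosts) and a stub probe for an offline run.
SAMPLE_LDIF='dn: cn=dc1,cn=dc,cn=computers,dc=example,dc=test
cn: dc1
associatedDomain: example.test

dn: cn=backup1,cn=dc,cn=computers,dc=example,dc=test
cn: backup1
associatedDomain: example.test'
stub_probe() { [ "$1" = dc1.example.test ]; }   # pretends only dc1 answers

printf '%s\n' "$SAMPLE_LDIF" | ldif_to_fqdns | check_servers stub_probe ||
  echo "at least one server failed (exit status 1)"
```

On a UCS system, replace the last command with `univention-ldapsearch -LLLo ldif-wrap=no univentionService=LDAP cn associatedDomain | ldif_to_fqdns | check_servers probe_ldap` to run the real test.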
