QA: How can I use ldapsearch in Nubus / Opendesk

Question

How can I use ldapsearch in my Nubus Environment?

Answer

You need to retrieve the corresponding admin DN, credentials, etc., and ideally run the command inside the LDAP pod. The following scheme can be used for that:

kubectl exec -n ${NAMESPACE?} ums-ldap-server-primary-0 -- ldapsearch -x \
  -D "$(kubectl get -n ${NAMESPACE?} configmaps ums-ldap-server-primary -o json | jq -r '.data.ADMIN_DN')" \
  -w "$(kubectl get -n ${NAMESPACE?} secrets ums-ldap-server-admin -o json | jq -r '.data.password' | base64 -d)" \
  -b "$(kubectl get -n ${NAMESPACE?} configmaps ums-ldap-server-primary -o json | jq -r '.data.LDAP_BASEDN')" \
  uid=Administrator

Additional

If you only need certain attributes in the output and not the whole object, you could use the following command.
I search for a user and just need the attributes memberOf & objectClass.

kubectl exec -n $NAMESPACE ums-ldap-server-primary-0 -- ldapsearch -x \
-D "$(kubectl get -n $NAMESPACE configmaps ums-ldap-server-primary -o json | jq -r '.data.ADMIN_DN')" \
-w "$(kubectl get -n $NAMESPACE secrets ums-ldap-server-admin -o json | jq -r '.data.password' | base64 -d)" \
-b "$(kubectl get -n $NAMESPACE configmaps ums-ldap-server-primary -o json | jq -r '.data.LDAP_BASEDN')" \
uid=test.ox.01 memberOf objectClass

# extended LDIF
#
# LDAPv3
# base <dc=swp-ldap,dc=internal> with scope subtree
# filter: (uid=test.ox.01)
# requesting: memberOf objectClass 
#

# test.ox.01, users, swp-ldap.internal
dn: uid=test.ox.01,cn=users,dc=swp-ldap,dc=internal
objectClass: opendeskProjectmanagementUser
objectClass: automount
objectClass: opendeskFileshareUser
objectClass: top
objectClass: univentionPWHistory
objectClass: univentionMail
objectClass: oxUserObject
objectClass: opendeskNotesUser
objectClass: inetOrgPerson
objectClass: shadowAccount
objectClass: univentionObject
objectClass: opendeskVideoconferenceUser
objectClass: organizationalPerson
objectClass: posixAccount
objectClass: opendeskKnowledgemanagementUser
objectClass: opendeskLivecollaborationAdminUser
objectClass: krb5KDCEntry
objectClass: krb5Principal
objectClass: opendeskLivecollaborationUser
objectClass: person
objectClass: sambaSamAccount
memberOf: cn=managed-by-attribute-Videoconference,cn=groups,dc=swp-ldap,dc=int
 ernal
memberOf: cn=managed-by-attribute-Fileshare,cn=groups,dc=swp-ldap,dc=internal
memberOf: cn=managed-by-attribute-Livecollaboration,cn=groups,dc=swp-ldap,dc=i
 nternal
memberOf: cn=managed-by-attribute-Groupware,cn=groups,dc=swp-ldap,dc=internal
memberOf: cn=managed-by-attribute-Knowledgemanagement,cn=groups,dc=swp-ldap,dc
 =internal
memberOf: cn=managed-by-attribute-Projectmanagement,cn=groups,dc=swp-ldap,dc=i
 nternal
memberOf: cn=Domain Users,cn=groups,dc=swp-ldap,dc=internal
memberOf: cn=OX%26Group,cn=groups,dc=swp-ldap,dc=internal

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
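
Added example (not part of the original posts): ldapsearch folds long LDIF lines, as in the memberOf values above, and base64-encodes values that contain non-ASCII characters (marked with a double colon), so a plain grep for memberOf returns truncated or encoded DNs. The script below unfolds and decodes them; the function names and the sample input, including the group cn=Büro, are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: turn ldapsearch LDIF output into one complete group DN per line.

# unfold_ldif: join folded lines. In LDIF a line that starts with a single
# space continues the previous line (the space itself is dropped).
unfold_ldif() {
  awk '
    /^ / { buf = buf substr($0, 2); next }
         { if (NR > 1) print buf; buf = $0 }
    END  { if (NR > 0) print buf }
  '
}

# member_groups: print every memberOf value as a plain DN.
# "memberOf: "  carries the value as text,
# "memberOf:: " carries it base64-encoded (e.g. non-ASCII group names).
member_groups() {
  unfold_ldif | while IFS= read -r line; do
    case "$line" in
      "memberOf:: "*) printf '%s\n' "$(printf '%s' "${line#memberOf:: }" | base64 -d)" ;;
      "memberOf: "*)  printf '%s\n' "${line#memberOf: }" ;;
    esac
  done
}

# sample_ldif: constructed sample. The first lines are taken from the output
# above; the last memberOf value is a constructed group with a non-ASCII name,
# encoded here the way LDIF would carry it.
sample_ldif() {
  cat <<'EOF'
# test.ox.01, users, swp-ldap.internal
dn: uid=test.ox.01,cn=users,dc=swp-ldap,dc=internal
objectClass: person
memberOf: cn=managed-by-attribute-Videoconference,cn=groups,dc=swp-ldap,dc=int
 ernal
memberOf: cn=Domain Users,cn=groups,dc=swp-ldap,dc=internal
EOF
  printf 'memberOf:: %s\n' \
    "$(printf '%s' 'cn=Büro,cn=groups,dc=swp-ldap,dc=internal' | base64 | tr -d '\n')"
}

# Stand-alone run on the sample; with a live system, pipe the
# kubectl exec ... ldapsearch command shown above into member_groups instead.
sample_ldif | member_groups
```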