Here’s one for the shell nuts:
sudo $EDITOR /etc/ldap/ldap.conf
Add the following line:
Warning: This is not completely secure, since it ignores the certificate checks. There are instructions, but it’s not clear which of the two CA certificates I should use, and whichever I try, I get no useful feedback from
ldapsearch even with
-d 255. If you manage to use the certificates properly, I’d be grateful if you’d let me know how.
Now for the meat (replace
$(whoami) with your CERN user name if it’s not the same as your login):
ldapsearch -v -H ldaps://ldap.cern.ch:636 -s sub -b O=CERN,C=CH -D cn=$(whoami),ou=users,o=cern,c=ch -x -W "(uid=$(whoami))"