Query CERN LDAP from the shell

Here’s one for the shell nuts:

sudo $EDITOR /etc/ldap/ldap.conf

Add the following line:

TLS_REQCERT never

Warning: This is not completely secure, since it ignores the certificate checks. There are instructions, but it’s not clear which of the two CA certificates I should use, and whichever I try, I get no useful feedback from ldapsearch even with -d 255. If you manage to use the certificates properly, I’d be grateful if you’d let me know how.

Now for the meat (replace $(whoami) with your CERN user name if it’s not the same as your login):

ldapsearch -v -H ldaps://ldap.cern.ch:636 -s sub -b O=CERN,C=CH -D cn=$(whoami),ou=users,o=cern,c=ch -x -W "(uid=$(whoami))"
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s