Friday, February 12, 2016

How to check whether LDAP username and password is correct - LDAP/OpenDJ

You can use "ldapwhoami" command to check whether a ldap username and password is correct.

ldapwhoami -vvv -h <host> -p <port> -D "<binddn>" -x -w <password>

"bindDN" is the LDAP credential you used to authenticate with a LDAP server.

Example of binddn;

cn=Manager,ou=example,dc=com,dc=au

Command line options used in this example:

-H ldapuri - Specify URI(s) referring to the ldap server(s); only the protocol/host/port fields are allowed; a list of URI, separated by whitespace or commas is expected.
-h ldaphost - Specify an alternate host on which the ldap server is running. Deprecated in favor of -H.
-p ldapport - Specify an alternate TCP port where the ldap server is listening. Deprecated in favor of -H.
-v - Run in verbose mode, with many diagnostics written to standard output.
-w passwd - Use passwd as the password for simple authentication. 
-x - Use simple authentication instead of SASL
-D binddn -Use the Distinguished Name binddn to bind to the LDAP directory. For SASL binds, the server is expected to ignore this value.

More details:



~~~


No comments: