How to use LdapSearch with Harvest arg file parameters
search cancel

How to use LdapSearch with Harvest arg file parameters

book

Article ID: 121275

calendar_today

Updated On:

Products

CA Harvest Software Change Manager - OpenMake Meister CA Harvest Software Change Manager

Issue/Introduction

Hauthtst is the Harvest command line utility that you can run to confirm whether the LDAP settings in your HServer.arg file or your HAgent.arg file are correct.  There is also a 3rd party tool called "ldapsearch" that can be used as a second confirmation test to assure your Harvest LDAP parameters are set correctly.  

The "ldapsearch" tool is normally included when you install Oracle Server, and can also be installed as a separate package on most Linux and Unix platforms.

On Windows, if you will download the OpenLDAP application and install the Client Tools, you will find that ldapsearch.exe is now available on the windows platform.

Environment

Harvest Software Change Manager all versions and platforms

Resolution

This template can be used to test a connection from the Harvest broker server to the LDAP server

ldapsearch -h <ldapserver> -p <ldapport> -D '<ldapbinddn>' -w <ldappassword> -b "<ldapbasedn>" -s sub "<ldapfilter>"


For the Ldap Filter, you should replace the "angle-bracketed" value with the userid you would like to find.

Here is an example HServer.arg file:

[<userid>@<server> scm]$ cat HServer.arg
// HServer args for CA Harvest SCM R12.6
-broker=scm-broker.mycompany.com
-datasource=harvest
-fipsmode=0
-authmode=openldap
-mixedauthmode=1
-ldapserver=ldap-server.mycompany.com
-ldapport=389
-ldapbinddn=uid=admin,ou=system
-ldapbindpw=secret
-ldapbasedn=dc=cascm,dc=mycompany,dc=com
-ldapfilter=(&(objectClass=person)(userid=<userid>))
-ldapattrusrname=userid
-ldapmode=none


And here is the ldapsearch command that was created from those values:

ldapsearch -h ldap-server.mycompany.com -p 389 -D 'uid=admin,ou=system' -w secret -b "dc=cascm,dc=mycompany,dc=com" -s sub "(&(objectClass=person)(userid=testuser1))"


**** Notice in the filter.  The HServer.arg file had "-ldapfilter=(&(objectClass=person)(userid=<userid>))". I changed the value in angle brackets ("<userid>") to reflect the userid I wanted to find.  So it became "(&(objectClass=person)(userid=testuser1))"

Testing this command I got this result:

[<userid>@<server> scm]$ ldapsearch -h ldap-server.mycompany.com -p 389 -D 'uid=admin,ou=system' -w secret -b "dc=cascm,dc=mycompany,dc=com" -s sub "(&(objectClass=person)(userid=testuser1))"
userid=testuser1,ou=Users,dc=cascm,dc=mycompany,dc=com
sn=Harvest Test User 1
cn=Harvest Test User 1
objectClass=top
objectClass=person
objectClass=uidObject
userPassword={SSHA}rFnWma7Sqi74SU8DAejEYUWpsURLuXl27KuSuw==
userid=testuser1
 

Additional Information

More information about hauthtst can be found here: Command Reference - hauthtst Command-Authentication Server API Test
Powered by Wolken Software