Testing connectivity to an LDAP server

Article ID: 160482

Products

Data Loss Prevention Enforce

Issue/Introduction

How can I test an LDAP/AD connection?

What tools are already in a Data Loss Prevention install to help me verify an LDAP/AD setup?

Resolution

ldapsearch, an application installed with Oracle, lets you test connectivity to an LDAP server.

ldapsearch is located in the following directory:

  • \oracle\product\11.2.0.3\db_1\bin\ on Windows
  • /opt/oracle/product/11.2.0.3/db_1/bin on Linux

The syntax for using the ldapsearch command to test connectivity to an LDAP server is the same on both Windows and Linux.

Ldapsearch syntax:

ldapsearch -D "domain\username" -w password -h host.ldap.server.com -b "dc=ldap,dc=server,dc=com" "([email protected])"

Output example:
CN=The Users Name,CN=Users,DC=ldap,DC=server,DC=com
objectClass=top
objectClass=person
objectClass=organizationalPerson
objectClass=user
cn=The Users Name
sn=Users Name
givenName=The
distinguishedName=CN=The Users Name,CN=Users,DC=ldap,DC=server,DC=com
instanceType=4
whenCreated=20090513134139.0Z
whenChanged=20090513141631.0Z
displayName=The User Name
uSNCreated=53963166
memberOf=CN=Users,CN=Builtin,DC=ldap,DC=sever,DC=com
uSNChanged=53966488
name=The Users Name
objectGUID=NOT ASCII
userAccountControl=66048
badPwdCount=0
codePage=0
countryCode=0
badPasswordTime=0
lastLogoff=0
lastLogon=0
[email protected]
pwdLastSet=128866956997968750
primaryGroupID=513
objectSid=NOT ASCII
adminCount=1
accountExpires=9223372036854775807
logonCount=0

To see the full syntax and list of options, run ldapsearch with an invalid option such as "-?".
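
Several attributes in the output example are encoded (userAccountControl, pwdLastSet, accountExpires) and are worth decoding when verifying the account that the search returned. The Python below is an added example, not part of the original article or the product; the function names and the trimmed SAMPLE text are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample: a subset of the attribute=value lines from the output example.
SAMPLE = """\
CN=The Users Name,CN=Users,DC=ldap,DC=server,DC=com
objectClass=top
objectClass=user
userAccountControl=66048
pwdLastSet=128866956997968750
adminCount=1
accountExpires=9223372036854775807
"""

# Selected userAccountControl bits as documented by Microsoft for Active Directory.
UAC_FLAGS = {
    0x0002: "ACCOUNTDISABLE", 0x0010: "LOCKOUT",
    0x0020: "PASSWD_NOTREQD", 0x0200: "NORMAL_ACCOUNT",
    0x10000: "DONT_EXPIRE_PASSWORD", 0x800000: "PASSWORD_EXPIRED",
}
NEVER = {0, 0x7FFFFFFFFFFFFFFF}  # accountExpires values that mean "never"

def parse_entry(text):
    """Return (dn, attrs); attrs maps each attribute name to a list of values."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    dn, attrs = lines[0], {}
    for ln in lines[1:]:
        name, _, value = ln.partition("=")  # split on the first '=' only
        attrs.setdefault(name, []).append(value)
    return dn, attrs

def filetime_to_utc(value):
    """Convert a Windows FILETIME (100 ns ticks since 1601-01-01) to UTC."""
    return datetime(1601, 1, 1, tzinfo=timezone.utc) + timedelta(microseconds=int(value) // 10)

def uac_flags(value):
    return [name for bit, name in sorted(UAC_FLAGS.items()) if int(value) & bit]

def review(attrs):
    """List account properties worth a second look on the returned entry."""
    uac = attrs.get("userAccountControl", ["0"])[0]
    notes = [f for f in uac_flags(uac) if f != "NORMAL_ACCOUNT"]
    if attrs.get("adminCount", ["0"])[0] == "1":
        notes.append("adminCount=1 (is or has been in a protected administrative group)")
    if int(attrs.get("accountExpires", ["0"])[0]) in NEVER:
        notes.append("account never expires")
    return notes

if __name__ == "__main__":
    dn, attrs = parse_entry(SAMPLE)
    print(dn, filetime_to_utc(attrs["pwdLastSet"][0]), review(attrs), sep="\n")
```

For the sample values, pwdLastSet decodes to the same second as whenCreated in the output example, and the review flags a non-expiring password on an account marked adminCount=1.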