Skip to content

ldbsearch

Rüdiger Beck edited this page Jul 18, 2021 · 4 revisions

ldbsearch

since samba is AD Compliant and not completely LDAP compliant you should use ldbsearch (and not ldapsearch) to connect to the samba database engine LDB.

Installation

The debian/ubuntu package is ldb-tools. It ist automatically installed with sophomorix

(For all ldbsearch options you need to install samba as well)

sophomorix-ldbsearch

If you are working on the server it is a good start to use the wrapper sophomorix-ldbsearch to connect to the samba AD:

sophomorix-ldbsearch "(givenName=Mai*)" sn givenName

This uses the LDAP-Filter (givenName=Mai*) and displays the attributes sn and givenName

The output displays which ldbsearch options are used. You can see that the password to connect to samba is read from a file on the server.

ldbsearch to access data not eccessible over LDAP

Some attributes are not accesible over the network via LDAP protocol (unicodePwd, supplementalCredentials, ...).

But you can access them with ldbsearch directly in the database file:

ldbsearch --url /var/lib/samba/private/sam.ldb sAMAccountName=<user> sn unicodePwd

... returns the unicodePwd of user <user>

Clone this wiki locally