LDAP Queries to Determine eDirectory Information

LDAP Queries to Determine eDirectory Information

0
Created On 09/25/18 18:00 PM - Last Modified 07/19/22 23:08 PM


Resolution


Overview

The Following queries can be used to identify the version of eDirectory you are using and whether the version supports paging, which is required for the LDAP User ID Agent.

An ldap search tool is required to run the commands, which is usually included on a linux or MAC system install.

To view ldap controls and eDirectory version (replace host with the eDirectory server's IP address or name):

ldapsearch –h host –b “” –s base –x

To view operation attributes regarding a specific user

ldapsearch –h host –D binddn –w password –x “cn=admin” +

Replace the following terms in the above query accordingly:

  • "host" with the eDirectory server IP or name.
  • "binddn" with the bind dn account (cn=admin,ou=dept1,o=company1 for example)
  • "Password" is the bind dn password
  • "cn=admin" is the searched user, which can be replaced with any user in the eDirectory, ie "cn=John".

owner: panagent
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClMgCAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail