292
edits
Changes
Jump to navigation
Jump to search
Line 1:
Line 1: + + Line 74:
Line 76: + + − + − + + + + Line 165:
Line 172: + +
no edit summary
{{mbox |type=warning |text=This information is out of date. [[IT Infrastructure|Up-to-date IT information can be found here]] }}
External services that authenticate users often use Ldap for authentication.
External services that authenticate users often use Ldap for authentication.
ldapsearch is a handy tool that is part of open ldap. You can query some handy information out of our ldap servers as follows if you have an account to bind with:
ldapsearch is a handy tool that is part of open ldap. You can query some handy information out of our ldap servers as follows if you have an account to bind with:
You may need to set LDAPTLS_REQCERT=allow before those commands.
#list laser cutter certified:
#list laser cutter certified:
ldapsearch -ZZ -v -x -H ldap://bob.ad.pumpingstationone.org -b "DC=ad,DC=pumpingstationone,DC=org" -D "PS1\myuser" -W "CN=Laser Engraver Certified"
ldapsearch -v -x -H ldaps://bob.ad.pumpingstationone.org -b "DC=ad,DC=pumpingstationone,DC=org" -D "PS1\myuser" -W "CN=Laser Engraver Certified"
#list domain Admins
#list domain Admins
ldapsearch -ZZ -v -x -H ldap://bob.ad.pumpingstationone.org -b "CN=Users,DC=ad,DC=pumpingstationone,DC=org" -D "PS1\myuser" -W "CN=Domain Admins"
ldapsearch -v -x -H ldaps://bob.ad.pumpingstationone.org -b "CN=Users,DC=ad,DC=pumpingstationone,DC=org" -D "PS1\myuser" -W "CN=Domain Admins"
Remember you can use space.pumpingstationone.org if it is outside PS1 network.
== Apache mod_authnz_ldap ==
== Apache mod_authnz_ldap ==
auth_ldap "AD authentication";
auth_ldap "AD authentication";
auth_ldap_servers BOB;
auth_ldap_servers BOB;
[[Category: Systems Group]]