Changes

Jump to navigation Jump to search

Howto Ldap Auth (view source)

Revision as of 22:59, 30 January 2015

529 bytes added ,  22:59, 30 January 2015
no edit summary
Line 70: Line 70:  
** Some services apply setting different e.g. as a regex on the user, or as a template setting.
 
** Some services apply setting different e.g. as a regex on the user, or as a template setting.
 
* If you try and bind to ldap with a 0 length password, it "works", sort of. There is no error, but you can't access anything substantial. This is enough to fool services into thinking that the password was correct.
 
* If you try and bind to ldap with a 0 length password, it "works", sort of. There is no error, but you can't access anything substantial. This is enough to fool services into thinking that the password was correct.
 +
 +
== ldapsearch ==
 +
 +
ldapsearch is a handy tool that is part of open ldap.  You can query some handy information out of our ldap servers as follows if you have an account to bind with:
 +
 +
  #list laser cutter certified:
 +
  ldapsearch -v -x -H ldap://bob.ad.pumpingstationone.org -b "DC=ad,DC=pumpingstationone,DC=org" -D "PS1\myuser" -W "CN=Laser Engraver Certified"
 +
  #list domain Admins
 +
  ldapsearch -v -x -H ldap://bob.ad.pumpingstationone.org -b "CN=Users,DC=ad,DC=pumpingstationone,DC=org" -D "PS1\myuser" -W "CN=Domain Admins"
Kuroishi
Domain Admins
136

edits

Retrieved from "https://ps1.mywikis.wiki/wiki/Special:MobileDiff/22317"
Cookies help us deliver our services. By using our services, you agree to our use of cookies.
More information

Navigation menu