ldapsearch:
ldapsearch -b dc=org,dc=com objectclass=* -h localhost -p 3000
ldapsearch -b dc=org,dc=com objectclass=*
ldapsearch -D cn=root -w ? -b dc=org,dc=com objectclass=*

ldapsearch -x -b dc=org,dc=com -D cn=root -w =? -s one "(uid=*)" "*" pwdlockedtime |more

#check if user is locked
ldapsearch -b dc=org,dc=com -D cn=root -w ? uid=myuser ibm-pwdIndividualPolicyDn pwdFailureTime pwdAccountLockedTime pwdReset pwdChangedTime ibm-pwdGroupPolicyDn

#see pw policy
ldapexop -D cn=root -w ? -op effectpwdpolicy -d uid=myuser,dc=org,dc=com

ldapsearch -D cn=root -w ? -b dc=org,dc=com -h localhost uid=* -s one filter=uid gecos


ldapsearch -D uid=user9,dc=org,dc=com -w test -b dc=org,dc=com uid=*

-D cn=root -w ? -b dc=org,dc=com -h localhost -p 3000 uid=myuser

ldapadd -D cn=root -w ? -h localhost -p 3000 -c -a -f allUsers.ldif
ldapadd -x -D cn=root -w ? -h myhost -p 3000 -c -a -f allUsers.ldif

ldapsearch -x -D cn=root -w ? -b "ou=myorg,dc=org,dc=com" -h localhost -p 3000 uid=myuser


ldapdelete:
cat todelete.dat |awk '{ print "ldapdelete -D cn=root -w ? \"" $2 "\""}' >todelete.sh

add " to line (at begin and end):
cat todelete | sed -e s/^/\"/ | sed -e s/$/\"/

dos2unix
cat file | sed -e 's/$//' > newfile


#Secure Way password attributes ...
ldapsearch -D cn=root -w ? -b dc=org,dc=com "(cn=myuser)" pwdreset pwdchangedtime pwd4out

computer2know :: thank you for your visit :: have a nice day :: © 2018