U.S. +1 (312) 214 3570  |  E.U +34 (91) 320-5524
Contact Us

LDAP Shell Commands :: ldapsearch

Description
 
Ldapsearch opens a connection to an LDAP server, binds and performs a search starting at searchbase, with a defined scope of all entries that satisfy a filter. If any entries are found, a list of specified attributes are returned.
 
Syntax
 
ldapsearch
[-n] [-u] [-v] [-k] [-K] [-t]
[-A] [-L[L[L]]] [-M[M]] [-d debuglevel] [-f file]
[-D binddn] [-W] [-w passwd] [-y passwdfile]
[-H ldapuri] [-h ldaphost] [-p ldapport]
[-P 2|3] [-b searchbase] [-s base|one|sub]
[-a never|always|search|find] [-l timelimit]
[-z sizelimit] [-O security-properties] [-I]
[-Q] [-U authcid] [-R realm] [-x] [-X authzid]
[-Y mech] [-Z[Z]] filter [attrs...]
 
-h ldaphost
Specifies an alternate host on which LDAP server is running
-p ldapport
 Specifies the TCP port where LDAP server is listening
-D binddn Binddn is the distinguished name used to bind to LDAP server
-w passwd Use passwd as the password for simple authentication
-b searchbase Set searchbase as the starting point for the search
-s scope (base | one | sub) Specify to limit the search to look in the base object, one-level, or the whole subtree.
-f file Reads a series of lines from file performing a search for each line. The filter given in the command line is treated as a pattern where %s is replaced with a line from file. If file is � then the lines are read from standard input.
-z sizelimit Retrieve at most sizelimit entries as results from the search
filter RFC 2254 search filter string representation with the condition(s) to be satisfied by the entries
attrs List of attributes to be retrieved in the search, if * or omitted all attributes are returned

Example
 
The following command:
 
ldapsearch -h 10.63.3.200 -p 1389
-D "cn=James Bond,ou=people, dc=mycompany,dc=com"
-w drymartini -b "ou=products,dc=mycompany,dc=com"
-s one -z 100 "(graphicsCard=*force*)"
did cost price cpu graphicsCard memorySize
 
will bind as "cn=James Bond..." to the LDAP server in host 10.63.3.200 listening on port 1389 and then search in the level below "ou=products..." for a maximum of 100 entries whose graphicsCard attribute contains the string "force", and will retrieve the values of the did, cost, price, cpu, graphicsCard and memorySize attributes.
 
Result
 
The results from an LDAP search are written in ldif format.
 
dn: did=2002090100004,ou=products,dc=mycompany,dc=com
did: 2002090100004
ost: 187
price: 412
PU: Athlon 2000+
memorySize: 512
graphicsCard: NVidia GForce 2
dn: did=2003051000004,ou=products,dc=mycompany,dc=com
did: 2003051000004
cost: 129
price: 270
CPU: Pentium IV 2100
memorySize: 256
graphicsCard: Nvidia Geforce 640
 
If no errors occur, the command will return a zero. Errors result in a non-zero exit status and a diagnostic message being written to standard error.
 

About Symlabs
 
Symlabs is the performance leader for virtual directory and identity management solutions.   Benchmarks show Symlabs Virtual Directory Server, LDAP Proxy and Federated Identity Suite are the fastest and most powerful products in the industry for managing and unifying identity data.   Global giants like Sony, IBM, Vodafone, Nokia and United Nations already depend on Symlabs to add flexibility, security, and reliability to their infrastructure.  Symlabs also offers annual support, training and professional services to our clients to help them develop, integrate, and maintain solutions.