• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5951
  • Last Modified:

Using Windows Powershell to do openldap quey. How?

Hi,

I want to use Windows powershell to query LDAP information on a Linux server using OpenLDAP.  How do I do this?

500 points.  Thank you.
0
batmon34
Asked:
batmon34
  • 13
  • 10
1 Solution
 
BSonPoshCommented:
AFAIK you can use the standard LDAP providers in System.DirectoryServices.DirectoryEntry

$de = New-Object System.DirectoryServices.DirectoryEntry("LDAP://Path")

Can you give me a example of what your trying?
0
 
batmon34Author Commented:
For starter, I just want to query all entries in the OpenLDAP server and list them out.

host: ldap.ms.com
port: 389
Base: dc=ms, dc=com
anonymous bind

With Powershell, how do I list out all entries in this ldap server?

Thanks
0
 
BSonPoshCommented:
Try this.. I am not sure the filter is correct for OpenLDAP, but I belive it is.

$root = "LDAP://ldap.ms.com/dc=ms,dc=com"
$filter = "(&(objectcategory=*))"
$dsearcher = new-object System.DirectoryServices.directorysearcher($root,$filter)
$dsearcher.pagesize = 1000
$dsearcher.findall()
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
BSonPoshCommented:
you know.. try objectclass instead of objectcategory
0
 
batmon34Author Commented:
It works for AD but does not work for openLDAP...
0
 
BSonPoshCommented:
Did you try objectclass?
What error did you get?

What happens if you just do this?

$de = new-object System.DirectoryServices.DirectoryEntry("LDAP://ldap.ms.com/dc=ms,dc=com")
$de.psbase.children
0
 
BSonPoshCommented:
Another option is to using
System.DirectoryServices.Protocols

I can post example, but I will need to install Linux and install openldap (already started)
0
 
BSonPoshCommented:
Yet another option and it maybe the easiest for you
http://www.codeplex.com/PowerShellCX

This is free and has a built in cmdlets for openldap queries
0
 
batmon34Author Commented:
It says cannot login or something.  I will take a look at the PwershellCX.
0
 
BSonPoshCommented:
Ok... I will still try to post something using System.DirectoryServices.Protocols
0
 
batmon34Author Commented:
I just installed PSCX.  It has "GET-PSPROVIDER" command that allow me to check my AD LDAP.  I haven't found a way to check OpenLDAP yet...
0
 
BSonPoshCommented:
use Get-ADObject
0
 
BSonPoshCommented:
I should get to testing the openldap code I have tonight.
0
 
BSonPoshCommented:
Ok.. I got it working for me
###################################
$DN = "LDAP://192.168.0.104/dc=example,dc=com"
$auth = [System.DirectoryServices.AuthenticationTypes]::Anonymous
$de = New-Object System.DirectoryServices.DirectoryEntry($DN,$auth)
$ds = New-Object system.DirectoryServices.DirectorySearcher($de,"(objectclass=*)")
$ds.FindAll() | ft
###################################
Output
Path                                                                                     Properties                                                
----                                                                                       ----------                                                
LDAP://192.168.0.104/dc=example,dc=com                        {o, objectclass, adspath, dc}                              
LDAP://192.168.0.104/cn=Manager,dc=example,dc=com    {objectclass, adspath, cn}                                
LDAP://192.168.0.104/cn=user,dc=example,dc=com           {objectclass, adspath, cn}                                
LDAP://192.168.0.104/cn=loser,dc=example,dc=com          {objectclass, adspath, cn}  
0
 
batmon34Author Commented:
It says:

New-Object : Cannot find an overload for ".ctor" and the argument count: "2".
At C:\Scripts\test.ps1:3 char:17
+ $de = New-Object  <<<< System.DirectoryServices.DirectoryEntry($DN,$auth)

and then it list out my own AD/LDAP info...  For some reason it is not taking my LDAP based address.

LDAP://CN=0013ceede78a,OU=MAC-AUTH,DC=research... {samaccountname, useraccountcontrol, primarygr...
0
 
BSonPoshCommented:
Did you specify server?
LDAP://<SERVER>/CN=0013ceede78a,OU=MAC-AUTH,DC=research...

Normally this would not be required, but dont think discovery it going to work for you.

Would you mind posting your $DN? You can change the "names" but keep the format.
0
 
batmon34Author Commented:
I did add it but it is not taking it.  I am running the Powershell script on one of my Windows server and I want to grab a Linux OpenLDAP's information.

$DN = "LDAP://ldap001.linux.ldap.com:389/dc=linux,dc=ldap,dc=com"
0
 
BSonPoshCommented:
Thats curious. It worked for me (against my OpenLDAP server.)

Can you attach to the server using ldp.exe from the support tools?
0
 
batmon34Author Commented:
Installed and ldp works fine.  Humm... why?
0
 
batmon34Author Commented:
So the "System.DirectoryServices.DirectoryEntry($DN,$auth)" does not work...  It says

New-Object : Cannot find an overload for ".ctor" and the argument count: "2".
At C:\Scripts\test.ps1:3 char:17
+ $de = New-Object  <<<< System.DirectoryServices.DirectoryEntry($DN,$auth)
0
 
batmon34Author Commented:
Further info.. if I don't use $auth and use "System.DirectoryServices.DirectoryEntry($DN)" instead, it will say:

PS C:\Scripts> $ds.FindAll()
Exception calling "FindAll" with "0" argument(s): "Logon failure: unknown user name or bad password.

Any idea?
0
 
BSonPoshCommented:
I am curious if you have any special settings on the LDAP server. This has work in three different environments for me.

Try
$de = New-Object System.DirectoryServices.DirectoryEntry($dn,$null,$null,$auth)

Technically speaking DirectoryEntry does not have a Constructor with only two parameters.
0
 
batmon34Author Commented:
that works!!  Thank you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

  • 13
  • 10
Tackle projects and never again get stuck behind a technical roadblock.
Join Now