batmon34
asked on
Using Windows Powershell to do openldap query. How?
Hi,
I want to use Windows powershell to query LDAP information on a Linux server using OpenLDAP. How do I do this?
500 points. Thank you.
ASKER
For starters, I just want to query all entries in the OpenLDAP server and list them out.
host: ldap.ms.com
port: 389
Base: dc=ms, dc=com
anonymous bind
With Powershell, how do I list out all entries in this ldap server?
Thanks
Try this.. I am not sure the filter is correct for OpenLDAP, but I believe it is.
$root = "LDAP://ldap.ms.com/dc=ms, dc=com"
$filter = "(&(objectcategory=*))"
$dsearcher = new-object System.DirectoryServices.directorysearcher($root,$filter)
$dsearcher.pagesize = 1000
$dsearcher.findall()
you know.. try objectclass instead of objectcategory
ASKER
It works for AD but does not work for openLDAP...
Did you try objectclass?
What error did you get?
What happens if you just do this?
$de = new-object System.DirectoryServices.DirectoryEntry("LDAP://ldap.ms.com/dc=ms, dc=com")
$de.psbase.children
Another option is to use
System.DirectoryServices.Protocols
I can post an example, but I will need to install Linux and install openldap (already started)
Yet another option, and it may be the easiest for you
http://www.codeplex.com/PowerShellCX
This is free and has built-in cmdlets for openldap queries
ASKER
It says cannot login or something. I will take a look at the PowershellCX.
Ok... I will still try to post something using System.DirectoryServices.Protocols
ASKER
I just installed PSCX. It has a "GET-PSPROVIDER" command that allows me to check my AD LDAP. I haven't found a way to check OpenLDAP yet...
use Get-ADObject
I should get to testing the openldap code I have tonight.
Ok.. I got it working for me
###################################
$DN = "LDAP://192.168.0.104/dc=example,dc=com"
$auth = [System.DirectoryServices.AuthenticationTypes]::Anonymous
$de = New-Object System.DirectoryServices.DirectoryEntry($DN,$auth)
$ds = New-Object system.DirectoryServices.DirectorySearcher($de,"(objectclass=*)")
$ds.FindAll() | ft
###################################
Output
Path                                              Properties
----                                              ----------
LDAP://192.168.0.104/dc=example,dc=com            {o, objectclass, adspath, dc}
LDAP://192.168.0.104/cn=Manager,dc=example,dc=com {objectclass, adspath, cn}
LDAP://192.168.0.104/cn=user,dc=example,dc=com    {objectclass, adspath, cn}
LDAP://192.168.0.104/cn=loser,dc=example,dc=com   {objectclass, adspath, cn}
ASKER
It says:
New-Object : Cannot find an overload for ".ctor" and the argument count: "2".
At C:\Scripts\test.ps1:3 char:17
+ $de = New-Object <<<< System.DirectoryServices.DirectoryEntry($DN,$auth)
and then it lists out my own AD/LDAP info... For some reason it is not taking my LDAP base address.
LDAP://CN=0013ceede78a,OU=MAC-AUTH,DC=research ... {samaccountname, useraccountcontrol, primarygr...
Did you specify server?
LDAP://<SERVER>/CN=0013ceede78a,OU=MAC-AUTH,DC=research...
Normally this would not be required, but I don't think discovery is going to work for you.
Would you mind posting your $DN? You can change the "names" but keep the format.
ASKER
I did add it but it is not taking it. I am running the Powershell script on one of my Windows server and I want to grab a Linux OpenLDAP's information.
$DN = "LDAP://ldap001.linux.ldap.com:389/dc=linux,dc=ldap,dc=com"
That's curious. It worked for me (against my OpenLDAP server.)
Can you attach to the server using ldp.exe from the support tools?
ASKER
Installed and ldp works fine. Humm... why?
ASKER
So the "System.DirectoryServices.DirectoryEntry($DN,$auth)" does not work... It says
New-Object : Cannot find an overload for ".ctor" and the argument count: "2".
At C:\Scripts\test.ps1:3 char:17
+ $de = New-Object <<<< System.DirectoryServices.DirectoryEntry($DN,$auth)
ASKER
Further info.. if I don't use $auth and use "System.DirectoryServices.DirectoryEntry($DN)" instead, it will say:
PS C:\Scripts> $ds.FindAll()
Exception calling "FindAll" with "0" argument(s): "Logon failure: unknown user name or bad password.
Any idea?
ASKER CERTIFIED SOLUTION
This solution is only available to members.
ASKER
that works!! Thank you.
Can you give me an example of what you're trying?
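Added example, not part of the original thread and not the hidden accepted solution: the System.DirectoryServices.Protocols route mentioned above, doing an anonymous LDAPv3 bind and a paged subtree search. The function name Get-LdapEntry and the page size are assumptions; host, port and base DN are the values from the question.

```powershell
# Added example: anonymous bind + paged search via System.DirectoryServices.Protocols.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Get-LdapEntry {   # hypothetical helper name
    param(
        [string]$Server   = 'ldap.ms.com',      # from the question
        [int]   $Port     = 389,
        [string]$BaseDN   = 'dc=ms,dc=com',
        [string]$Filter   = '(objectClass=*)',
        [int]   $PageSize = 500                  # assumed page size
    )
    $id   = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($Server, $Port)
    $conn = New-Object System.DirectoryServices.Protocols.LdapConnection($id)
    try {
        # Explicit anonymous bind: no Windows credentials are sent to the server.
        $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Anonymous
        # OpenLDAP refuses LDAPv2 binds unless configured to allow them.
        $conn.SessionOptions.ProtocolVersion = 3
        $conn.Bind()

        $req = New-Object System.DirectoryServices.Protocols.SearchRequest
        $req.DistinguishedName = $BaseDN
        $req.Filter            = $Filter
        $req.Scope             = [System.DirectoryServices.Protocols.SearchScope]::Subtree
        $page = New-Object System.DirectoryServices.Protocols.PageResultRequestControl($PageSize)
        [void]$req.Controls.Add($page)

        do {
            $resp = [System.DirectoryServices.Protocols.SearchResponse]$conn.Send($req)
            foreach ($entry in $resp.Entries) {
                New-Object PSObject -Property @{
                    DistinguishedName = $entry.DistinguishedName
                    Attributes        = @($entry.Attributes.AttributeNames)
                }
            }
            # The server returns a cookie while more pages remain.
            $cookie = $null
            foreach ($c in $resp.Controls) {
                if ($c -is [System.DirectoryServices.Protocols.PageResultResponseControl]) { $cookie = $c.Cookie }
            }
            $more = ($null -ne $cookie) -and ($cookie.Length -gt 0)
            if ($more) { $page.Cookie = $cookie }
        } while ($more)
    }
    finally { $conn.Dispose() }
}

Get-LdapEntry | Format-Table -AutoSize
```

The `.ctor` error quoted in the thread occurs because DirectoryEntry has no two-argument (path, AuthenticationTypes) constructor; the overload that accepts AuthenticationTypes also takes a username and a password. An anonymous bind on port 389 travels unencrypted and returns only what the server's ACLs expose to unauthenticated clients.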