-
Notifications
You must be signed in to change notification settings - Fork 7
ldbsearch
since samba is AD Compliant and not completely LDAP compliant you should use ldbsearch (and not ldapsearch) to connect to the samba database engine LDB.
The debian/ubuntu package is ldb-tools. It ist automatically installed with sophomorix
(For all ldbsearch options you need to install samba as well)
If you are working on the server it is a good start to use the wrapper sophomorix-ldbsearch to connect to the samba AD:
sophomorix-ldbsearch "(givenName=Mai*)" sn givenName
This uses the LDAP-Filter (givenName=Mai*) and displays the attributes sn and givenName
The output displays which ldbsearch options are used. You can see that the password to connect to samba is read from a file on the server.
Some attributes are not accesible over the network via LDAP protocol (unicodePwd, supplementalCredentials, ...).
But you can access them with ldbsearch directly in the database file:
ldbsearch --url /var/lib/samba/private/sam.ldb sAMAccountName=<user> sn unicodePwd
... returns the unicodePwd of user <user>