On my lovely ubuntu box, I need to do queries to find bunches of users.
ldapsearch -x -D "Domain\uid" -W \ -h ad.server.com \ -b "DC=my,DC=ad,DC=server,DC=com" \ -LLL -v "(sAMAccountName=anotheruid)" cn
What is all this?
-x says we're doing a simple bind.
AD likes authenticated queries. -D is who you're binding as. -W prompts for a pass.
-h is the AD server I'm talking to.
-b is the search base; that is the AD tree where I'm doing my query.
-LLL is the output format. It will show everything in the record.
-v is the verbose tag.
After all this is my search string. In this case, I'm looking for a uid and want to print its common name. I could plop sn which'd tell me the surname.
To be interesting, I could put in "(sn=clue)" cn and that'd display everyone with the surname "clue" and their common name. Fun.