How to quickly extract LDAP attributes for a list of users

0001-01-01

I had a list of email addresses and my boss asked me to extract the login names (sAMAccountName attribute in Active Directory). I quickly did it with:

  # One address per line in mails.txt. curl is called directly rather than
  # through "echo ... | bash", so an address is never re-parsed as shell code.
  while IFS= read -r mail
  do
	/usr/bin/curl -s --proxy "" -u 'MYDOMAIN\myuser:mypassword' "ldap://ldapserver:3268/DC=group,DC=mycompany,DC=com?sAMAccountName?sub?(mail=${mail})"
  done < mails.txt | grep "sAMAccountName:" | cut -f2 -d":" | sed -e 's/^ /"/' -e 's/$/",/'
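
Each address ends up inside both an LDAP search filter and a URL, so a `*`, a parenthesis or a space in mails.txt changes the query that is sent. The following is an added example, not part of the original post, that escapes every value per RFC 4515 and RFC 3986 before building the URL; the function names are hypothetical, the sample addresses are constructed, and ASCII input is assumed.

```sh
#!/bin/sh
# Added example (not from the original post). Host, port and base DN are the
# post's placeholders; function names are hypothetical. Assumes ASCII input.
LC_ALL=C; export LC_ALL

# Apply function $1 to every character of $2 and concatenate the results.
map_chars() (
  fn=$1 s=$2 out=
  while [ -n "$s" ]; do
    rest=${s#?}; c=${s%"$rest"}; s=$rest
    out=$out$("$fn" "$c")
  done
  printf '%s' "$out"
)

# RFC 4515: characters with meaning inside a search filter become \XX.
filter_char() {
  case $1 in
    '\') printf '%s' '\5c' ;;
    '*') printf '%s' '\2a' ;;
    '(') printf '%s' '\28' ;;
    ')') printf '%s' '\29' ;;
    *)   printf '%s' "$1" ;;
  esac
}

# RFC 3986: anything outside the unreserved set (plus @) becomes %XX.
url_char() {
  case $1 in
    [A-Za-z0-9._~@-]) printf '%s' "$1" ;;
    *) printf '%%%02X' "'$1" ;;
  esac
}

# Build the LDAP URL for one address: filter-escape first, then URL-encode.
ldap_url_for_mail() (
  f=$(map_chars filter_char "$1")
  printf 'ldap://ldapserver:3268/DC=group,DC=mycompany,DC=com?sAMAccountName?sub?(mail=%s)' \
    "$(map_chars url_char "$f")"
)

# Constructed sample input; in practice read mails.txt instead.
while IFS= read -r mail; do
  url=$(ldap_url_for_mail "$mail")
  printf '%s\n' "$url"   # pass "$url" to curl as its last argument
done <<'EOF'
alice@example.com
bob*@example.com
EOF
```

With this in place the second sample address is looked up as a literal `bob*@example.com` instead of acting as a wildcard match.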
