如何查看 Unix LDAP 数据库中可用的根? [英] How can you view what roots are available in a Unix LDAP database?
问题描述
我正在尝试查看服务器上所有可用于搜索/修改的根名称.我已经尝试在网上查找,但我仍然无法找到基本级别.ldapsearch -b "o=blah.com" -p 1111 "objectclass=*" 由于过滤器是所有对象类,因此返回该 blah.com 中的所有内容.有没有类似的函数可以找到所有的o=*?我需要能够搜索这些目录中的每一个并在某些时候进行修改……在不知道里面有什么的情况下,我有点受其他开发人员的摆布……
I'm trying to view all root names on a server that are available for searching thru/modifying. I've tried looking online-but I'm still unable to find the base levels. ldapsearch -b "o=blah.com" -p 1111 "objectclass=*" returns everything in that blah.com due to the filter being all object classes. Is there a similar function to be able to find all o=*? I need to able to search thru each of those directories and modify things at some point...and without knowing what's in there, i'm sort of at the mercy of the other developers....
推荐答案
如果问题是如何获得有效的顶级基础 dn(s)?",您有多种选择:
If the question is "How to get valid top-level base dn(s) ?", you have multiple options :
- 域组件 (dc) 通常与 FQDN 匹配,使用这些 dc 构建顶级基础 dn 是有意义的(例如,
'host.example.com'将给出'dc=example,dc=com'),但不能保证它会产生有效的基本 dn. - 搜索rootDSE信息:
ldapsearch -H ldap://host.example.com -x -s base -b '' +
然后检索namingContexts或defaultNamingContext属性,其中任何一个都可以用作搜索库DN. - 使用 LDAP 资源管理器(如 Apache Directory Studio)显示目录树,选择与
objectClass: dcObject匹配的顶部对象(以及可选的o=something):任何对应条目可以通过使用其 dn 作为基础 dn 将其用作搜索基础对象.
- Domain components (dc) usually match the FQDN, it makes sense to use these dc's to build up a top level base dn (e.g.
'host.example.com'would give'dc=example,dc=com'), but it is not guaranteed it results in a valid base dn. - Search for rootDSE information :
ldapsearch -H ldap://host.example.com -x -s base -b '' +
Then retrieve thenamingContextsordefaultNamingContextattribute(s), any one of them can be used as a search base dn. - Use an LDAP explorer like Apache Directory Studio to display the directory tree, select a top object matching
objectClass: dcObject(and optionnallyo=something) : any corresponding entry can be used as a search base object by using its dn as the base dn.
这篇关于如何查看 Unix LDAP 数据库中可用的根?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
