How to check if the user belongs to a certain group?

Subject: How to check if the user belongs to a certain group?
Author: eLDAP
In response to: How bind with the user account?
Posted on: 01/17/2015 03:14:19 AM

ldapsearch -h localhost -p 389 -b "ou=groups,dc=example" -s sub 
 "(uniquemember=uid=Smith\5c, J\5c\5coh\5c=n,cn=users,dc=example)"

Here, uniquemember is a DN type of attribute and the value is "uid=Smith\, J\\oh\=n,cn=users,dc=example". Now, when DN serves as a filter, all the backslash '\' should all be encodes as '\5c', i.e. "(uniquemember=uid=Smith\5c, J\5c\5coh\5c=n,cn=users,dc=example)" -- no matter it is a real backslash (the one before 'oh') or it is the escaping backslash (the other three).

The command should succeed and bring result:

dn: cn=special users,ou=groups,dc=example
objectclass: top
objectclass: groupofuniquenames
cn: special users
ou: groups
uniquemember: uid=Smith\, J\\oh\=n,cn=users,dc=example
uniquemember: uid=Joe Smith,cn=users,dc=example

>
> On 01/17/2015 03:01:44 AM eLDAP wrote:

ldapsearch -h localhost -p 389 -D "uid=Smith\, J\\oh\=n,cn=users,dc=example" -w secret -b "cn=users,dc=example" -s sub "(uid=Smith, John)"

Here, all tree chars ',', '\' and '=' must be escaped by '\'.

References:

Next Post: SSL/TLS vs StartTLS authen 09/11/2015 04:22:19 PM
Previous Post: How bind with the user account? eLDAP 01/17/2015 03:01:44 AM
Next Topic: SSL/TLS vs StartTLS authen 09/11/2015 04:22:19 PM
Previous Topic: How to create NTLMv2 computer account? authen 05/06/2014 10:51:36 PM
Index: by Date
Index: by Topic