ldapsearch over ssl (ldaps) to Active Directory

In order for Linux to perform ldapsearch over ssl, you need to import Active Directory CA certificate.

On ActiveDirectory run the following command:
> certutil -ca.cert adca.der

Copy adca.der into the Linux server and convert the cert into Linux friendly cert
#  openssl x509 -inform DER -in adca.der -out adca.crt

Move the file into the default ca-trust directory
# cp adca.crt /etc/pki/ca-trust/source/anchors/
# update-ca-trust

You are ready to run ldapsearch over ssl to Active Directory

Assuming you ad server is adsvr.fosstech.biz for fosstech.biz domain, you can run ldapsearch as follow

# ldapsearch -x -W -H ldaps://adsvr.fosstech.biz  -D "administrator@fosstech.biz" -b "dc=fosstech,dc=biz" *

Cheers!!!

📚 Want to Learn Docker?

I wrote "Levelling Up with Docker: A Practical Guide to Containers" — a hands-on guide for Linux admins who want to learn Docker without the fluff.

What's inside:

  • Rootless Docker installation (Ubuntu, RHEL, SLES)
  • Container networking, volumes, and Docker Compose
  • Private registry setup and troubleshooting playbook

Get it on Amazon: https://www.amazon.com/dp/B0GGZ76PHW

Comments

Post a Comment

Popular posts from this blog

SLES 15 LVM + XFS Without Separate /boot Partition

Image
GRUB2 allow booting from LVM partition, however I haven't see any documentation on how to setup SLES 15 using LVM + XFS root partition without separate /boot partition. You can even put /boot as one of the logical volume. When separate /boot partition is not created, we will need to create small partition with BIOS boot flag and once this BIOS boot partition is created, you can setup the remaining disk as LVM partition and setup your volume group and logical volumes as usual.    During the installation, choose "Expert Partitioner" > "Start with Existing Partitions". Select your disk and "Create New Partition Table" > "GPT" Select "Partitions" tab and choose "Add Partition" Choose "Custom Size" then enter "8 MiB" as the size. The Role of this partition should be "Raw Volume (unformatted)" Select BIOS Boot as Partition ID Create another partition as LVM pa...
Read more

pfSense and scp

pfSense and scp doesn't play nice. When you try to scp to admin@pfsense.hostname you will likely encounter the error " Illegal option -[X] " The solution to this is rather simple too, when running scp to pfSense, just use the root account.  Cheers
Read more

SupportConfig Analysis for SLES 12

Image
SLES comes with tools to analyse supportconfig data called Support Config Analysis (SCA). This tool is not installed by default, but it is quite simple to install and run.  All you need are the next few commands and you are on the way to see how you can tune your SLES. # zypper in sca-server-report sca-patterns-sle12 # scatool -s The report will be generated at /var/log/nts_XXX.html and is viewable via your favourite web browser. It will look something like the following screenshot There are links that you can follow to see the solutions details. Happy Tuning!!!
Read more