How to do LDAPS queries from Linux to Active Directory pt. 3

Sub-Title:  “Escaping commas in LDAP(S) queries to AD”

This is part 3 in a series of 5 posts on this subject; please also see part 1, part 2, part 4, and part 5.

If the username in your query has a comma in it, you are going to need to “escape” the comma so the system does not confuse it with the standard LDAP namespace separator.  And please don’t ask me why somebody would put a comma in there… It very well could be the result of an Identity Management driver or some automated process, because certainly no rational human would do such a thing!  So here’s an example of how to use an “escape” for those situations:

ldapsearch -x -H ldaps://CORPDC02.yourlinuxguy.com -b dc=yourlinuxguy,dc=com -D "cn=Pavlov\, Jeremy W.,ou=Users,ou=Southfield,dc=yourlinuxguy,dc=com" -W mail=jwpavlov@yourlinuxguy.com

…for more, see:
http://msdn.microsoft.com/en-us/library/aa746384%28VS.85%29.aspx
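
An added example, not from the original post: a shell helper that escapes every character RFC 4514 treats as special in a DN attribute value (going beyond the comma shown above) and builds the bind DN for the -D argument. The function names are hypothetical and the sample names are constructed.

```shell
#!/bin/sh
# Added example (not from the original post); function names are hypothetical.

# Escape one single-line attribute value for use inside a DN (RFC 4514).
# Order matters: backslashes first, so later escapes are not doubled.
escape_rdn_value() {
    printf '%s\n' "$1" | sed \
        -e 's/\\/\\\\/g' \
        -e 's/[,+"<>;=]/\\&/g' \
        -e 's/\(.\) $/\1\\ /' \
        -e 's/^[# ]/\\&/'
    # 1: backslash -> double backslash
    # 2: , + " < > ; are structural in a DN; escaping = is also permitted
    # 3: a trailing space would otherwise be dropped as padding
    # 4: a leading # or space has special meaning at the start of a value
}

# Build "cn=<escaped name>,<container DN>" for ldapsearch -D.
# $1 = raw display name, $2 = container DN (already well-formed).
build_bind_dn() {
    printf 'cn=%s,%s\n' "$(escape_rdn_value "$1")" "$2"
}

# Constructed sample names, using the container from the post's example.
container='ou=Users,ou=Southfield,dc=yourlinuxguy,dc=com'
for name in 'Pavlov, Jeremy W.' 'Ops+Backup "svc"' '#temp account '; do
    build_bind_dn "$name" "$container"
done

# Usage with the command from the post:
# ldapsearch -x -H ldaps://CORPDC02.yourlinuxguy.com -b dc=yourlinuxguy,dc=com \
#   -D "$(build_bind_dn 'Pavlov, Jeremy W.' "$container")" \
#   -W mail=jwpavlov@yourlinuxguy.com
```

Search filter values such as the mail=... argument use a different escaping scheme (RFC 4515), so this helper applies only to DN components.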

1 Comment

  1. rajesh

    Hi,
    I have a question.
    I want to generate a password-protected SSL certificate in Windows AD and use that certificate in Linux for LDAP authentication over SSL.

    How can I do it?
