[Freeipa-users] Querying the dir srv
Ben Lipton
blipton at redhat.com
Thu Aug 4 16:08:20 UTC 2016
On 08/04/2016 11:31 AM, Sean Hogan wrote:
>
> Hi All,
>
> Where can I find information about the IPA schema as in what = what in
> the dir srv? I do not have a ldap viewer.
> I am looking to pull specific info from it such as a list of servers
> that have enrolled = true and have been playing with ldapsearch to no
> avail.
>
You could try something like 'ipa <objecttype>-show --all <object>' to
see the dn of the associated LDAP object for a particular IPA entity.
This would give you a sense of what tree to ldapsearch. You could try
adding the --raw flag as well to see the LDAP attributes of the object.
# ipa user-show --all admin
dn: uid=admin,cn=users,cn=accounts,dc=example,dc=domain
[...]
# ldapsearch -xLLL -D cn='Directory manager' -w <directory manager pw>
-b 'cn=users,cn=accounts,dc=example,dc=domain' '(objectClass=*)' '*' |
perl -p0e 's/\n //g' | less
You can also take a look at
https://git.fedorahosted.org/cgit/freeipa.git/tree/ipalib/constants.py#n78
for a list of LDAP entities that act as containers for IPA objects
(subtrees to search under).
Someone else may have some better ideas, but maybe this can get you started.
Ben
More information about the Freeipa-users
mailing list