LDAP notes

Материал из noname.com.ua
Версия от 12:21, 20 июля 2016; Sirmax (обсуждение | вклад)
(разн.) ← Предыдущая | Текущая версия (разн.) | Следующая → (разн.)
Перейти к навигацииПерейти к поиску



Быстрые заметки про LDAP для себя 



 /usr/sbin/slapd -d 1 -h "ldap:/// ldapi:/// ldaps://ldap1" -g openldap -u openldap -F /etc/ldap/slapd.d

LDAPTLS_REQCERT=never /usr/bin/ldapsearch -LL -D "cn=admin,dc=fuel_domain" -w r00tme -H ldaps://ldap1 

LDAPTLS_REQCERT=never /usr/bin/ldapsearch -LL  -D "cn=admin,cn=config" -w r00tme  -H ldaps://ldap -b cn=config


История поиска - для примера 

  211  ldapsearch -x -LLL -b "uid=mmaxur,ou=people,o=mirantis,dc=mirantis,dc=net" sshPublicKey  -tt ./2
  212  ldapsearch -x -LLL -b "uid=mmaxur,ou=people,o=mirantis,dc=mirantis,dc=net" sshPublicKey  -tt .-T .
  215  ldapsearch -x -LLL -b "uid=mmaxur,ou=people,o=mirantis,dc=mirantis,dc=net" sshPublicKey  -tt .-T /root/1/
  217  ldapsearch -x -LLL -b "uid=mmaxur,ou=people,o=mirantis,dc=mirantis,dc=net" sshPublicKey  -tt -T /root/1/
  219  ldapsearch -LLL -x -b "o=mirantis,dc=mirantis,dc=net" "(&(objectClass=groupOfNames)(|(&(accessTo=$sh)(trustModel=byhost))(trustModel=fullaccess)))" memberUid
  220  ldapsearch -LLL -x -b "ou=people,ou=external,dc=mirantis,dc=net" "(&(objectClass=groupOfNames)(|(&(accessTo=$sh)(trustModel=byhost))(trustModel=fullaccess)))" memberUid
  221  ldapsearch -LLL -x -b "ou=people,ou=external,dc=mirantis,dc=net" "(&(sshPublicKey=*)(|(&(accessTo=$sh)(trustModel=byhost))(trustModel=fullaccess)(memberOf=cn=it,ou=groups,o=mirantis,dc=mirantis,dc=net)))" uid
  222  ldapsearch -LLL -x -b "o=mirantis,dc=mirantis,dc=net" "(&(sshPublicKey=*)(|(&(accessTo=$sh)(trustModel=byhost))(trustModel=fullaccess)(memberOf=cn=it,ou=groups,o=mirantis,dc=mirantis,dc=net)))" uid
  228  ldapsearch -x -LLL -b "uid=mmaxur,ou=people,o=mirantis,dc=mirantis,dc=net" sshPublicKey  -tt -T /root/1/which kdapsearch
  310  ldapsearch -x -LLL -b dc=mirantis,dc=net (&(objectClass=posixAccount)(uid=mmaxur))")
  311  ldapsearch -x -LLL -b dc=mirantis,dc=net (&(objectClass=posixAccount)(uid=mmaxur))"
  312  ldapsearch -x -LLL -b dc=mirantis,dc=net (&(objectClass=posixAccount)(uid=mmaxur))
  313  ldapsearch -x -LLL -b dc=mirantis,dc=net (&(objectClass=posixAccount)(uid=mmaxur))
  314  ldapsearch -x -LLL -b dc=mirantis,dc=net "(&(objectClass=posixAccount)(uid=mmaxur))"
  394  ldapsearch -x -LLL -b dc=mirantis,dc=net "(&(objectClass=groupOfNames)(|(&(accessto=fuel)(trustModel=byhost))(trustModel=fullaccess)))"
  396  ldapsearch -x -LLL -b dc=mirantis,dc=net "(&(objectClass=groupOfNames)(|(&(accessto=fuel.domain.tld)(trustModel=byhost))(trustModel=fullaccess)))"
  489  ldapsearch -x -LLL -b dc=mirantis,dc=net "|(|(&(accessTo=itlab)(trustModel=byhost)(trustModel=fullaccess))(&(objectClass=posixAccount)(uid=mmaxur)))(memberOf=cn=it-cloud-ops,ou=groups,o=mirantis,dc=mirantis,dc=net)"
  490  ldapsearch -x -LLL -b dc=mirantis,dc=net "(|(|(&(accessTo=itlab)(trustModel=byhost)(trustModel=fullaccess))(&(objectClass=posixAccount)(uid=mmaxur)))(memberOf=cn=it-cloud-ops,ou=groups,o=mirantis,dc=mirantis,dc=net))"
  491  ldapsearch -x -LLL -b dc=mirantis,dc=net "(|(|(&(accessTo=itlab)(trustModel=byhost)(trustModel=fullaccess))(&(objectClass=posixAccount)(uid=mmaxur)))(memberOf=cn=it-cloud-ops,ou=groups,o=mirantis,dc=mirantis,dc=net))" uid
  522  ldapsearch -x -LLL -b dc=mirantis,dc=net (&(objectClass=posixAccount)(uid=mmaxur))")
  523  ldapsearch -x -LLL -b dc=mirantis,dc=net (&(objectClass=posixAccount)(uid=mmaxur))
  524  ldapsearch -x -LLL -b dc=mirantis,dc=net (&(objectClass=posixAccount)(uid=mmaxur)))
  525  ldapsearch -x -LLL -b dc=mirantis,dc=net (&(objectClass=posixAccount)(uid=mmaxur))
  526  ldapsearch -x -LLL -b dc=mirantis,dc=net "(&(objectClass=posixAccount)(uid=mmaxur))"
  527  ldapsearch -x -LLL -b dc=mirantis,dc=net "(&(objectClass=posixAccount)(uid=mmaxur1))"
  536  ldapsearch -x -LLL -b dc=mirantis,dc=net "(&(objectClass=posixAccount)(uid=mmaxur))"
  537  ldapsearch -x -LLL -b dc=mirantis,dc=net "(&(objectClass=posixAccount)(uid=mmaxur))" uuid
  538  ldapsearch -x -LLL -b dc=mirantis,dc=net "|(|(&(accessTo=itlab)(trustModel=byhost)(trustModel=fullaccess))(&(objectClass=posixAccount)(uid=mmaxur)))(memberOf=cn=it-cloud-ops)" uuid
  539  ldapsearch -x -LLL -b dc=mirantis,dc=net "|(|(&(accessTo=itlab)(trustModel=byhost)(trustModel=fullaccess))(&(objectClass=posixAccount)(uid=mmaxur)))(memberOf=cn=it-cloud-ops)"
  540  ldapsearch -x -LLL -b dc=mirantis,dc=net "|(|(&(accessTo=itlab)(trustModel=byhost)(trustModel=fullaccess))(&(objectClass=posixAccount)(uid=mmaxur)))"
  541  ldapsearch -x -LLL -b dc=mirantis,dc=net "|(&(accessTo=itlab)(trustModel=byhost)(trustModel=fullaccess))(&(objectClass=posixAccount)(uid=mmaxur)))"
  542  ldapsearch -x -LLL -b dc=mirantis,dc=net "(&(objectClass=posixAccount)(uid=mmaxur))"
  543  ldapsearch -x -LLL -b dc=mirantis,dc=net "(&(accessTo=itlab)(trustModel=byhost)(trustModel=fullaccess))"
  544  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(memberOf=cn=it-cloud-ops)"
  545  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(memberOf=cn=mmaxur)"
  546  ldapsearch -x -LLL -b dc=mirantis,dc=net  | grep cn=it-cloud-ops
  547  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(memberOf: cn=it-cloud-ops,ou=groups"
  548  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(memberOf=cn=it-cloud-ops,ou=groups"
  549  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(memberOf=cn=it-cloud-ops,ou=groups)"
  550  ldapsearch -x -LLL -b dc=mirantis,dc=net  "memberOf=cn=it-cloud-ops,ou=groups"
  551  ldapsearch -x -LLL -b dc=mirantis,dc=net  "cn=it-cloud-ops,ou=groups,o=mirantis,dc=mirantis,dc=net"
  552  ldapsearch -x -LLL -b dc=mirantis,dc=net  "cn=it-cloud-ops,ou=groups,o=mirantis"
  553  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(memberOf=cn=it-cloud-ops,ou=groups,o=mirantis,dc=mirantis,dc=net"
  554  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(memberOf=cn=it-cloud-ops,ou=groups,o=mirantis,dc=mirantis,dc=net)"
  555  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(memberOf=cn=it-cloud-ops,ou=groups,o=mirantis,dc=mirantis,dc=net)" uid
  556  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(memberOf=cn=it-cloud-ops,ou=groups,o=mirantis)" uid
  557  ldapsearch -x -LLL -b dc=mirantis,dc=net  " |(|(&(accessTo=itlab)(trustModel=byhost)(trustModel=fullaccess))(&(objectClass=posixAccount)(uid=mmaxur)))(memberOf=cn=it-cloud-ops,ou=groups,o=mirantis,dc=mirantis,dc=net)" uid
  558  ldapsearch -x -LLL -b dc=mirantis,dc=net  "|(|(&(accessTo=itlab)(trustModel=byhost)(trustModel=fullaccess))(&(objectClass=posixAccount)(uid=mmaxur)))(memberOf=cn=it-cloud-ops,ou=groups,o=mirantis,dc=mirantis,dc=net)" uid
  559  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(|(|(&(accessTo=itlab)(trustModel=byhost)(trustModel=fullaccess))(&(objectClass=posixAccount)(uid=mmaxur)))(memberOf=cn=it-cloud-ops,ou=groups,o=mirantis,dc=mirantis,dc=net))" uid
  560  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(|(objectClass=posixAccount)(uid=mmaxur)))(memberOf=cn=it-cloud-ops,ou=groups,o=mirantis,dc=mirantis,dc=net))" uid
  561  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(|(&(objectClass=posixAccount)(uid=mmaxur))(memberOf=cn=it-cloud-ops,ou=groups,o=mirantis,dc=mirantis,dc=net))" uid
  562  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(objectClass=posixAccount)"
  563  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(objectClass=posixAccount)| grep -i group "
  564  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(objectClass=posixAccount)" | grep -i group
  565  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(objectClass=posixAccount)" | grep -i group  | grep -v 'memberOfA:'
  566  ldapsearch -x -LLL -b
  567  ldapsearch -x -LLL -b ou=group,dc=mirantis,dc=net
  568  ldapsearch -x -LLL -b "dc=mirantis,dc=net" -h ldap "uid=mmaxur"
  569  ldapsearch -x -LLL -b "dc=mirantis,dc=net" -h ldap "uid=mmaxur" accessTo
  570  ldapsearch -x -LLL  dc=mirantis,dc=net   ou=groups
  571  ldapsearch -x -LLL  dc=mirantis,dc=net
  572  ldapsearch -x -LLL -b "dc=mirantis,dc=net" -h ldap "uid=mmaxur" accessTo
  573  ldapsearch -x -LLL -b "ou=group,dc=mirantis,dc=net"
  574  ldapsearch -x -LLL -b "ou=Group,dc=mirantis,dc=net"
  575  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(objectClass=posixAccount)" | grep -i group  | grep -v 'memberOf:' | sort | uniq
  576  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(objectClass=posixAccount)" | grep -i group  | grep -v 'memberOf:'
  577  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(objectClass=posixAccount)" | grep -i group  | sort -u
  578  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(objectClass=posixAccount)" | grep -i group  | sort -u  | wc -l
  579  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(objectClass=posixAccount)" | grep -i group  | sort -u  | wc -l | grep -i ceph
  580  ldapsearch -x -LLL -b dc=mirantis,dc=net  "(objectClass=posixAccount)" | grep -i group  | sort -u  | grep -i ceph



puppet apply --debug  --modulepath /etc/fuel/plugins/oss_ldap-1.0/puppet/modules:/etc/puppet/modules  /etc/fuel/plugins/oss_ldap-1.0/puppet/manifests/104_populate__people_ou.pp








Источник — https://noname.com.ua/mediawiki/index.php?title=LDAP_notes&oldid=7851