Difference between revisions of "Cool Solution - LDAP search user / simple authentication account"

From Univention Wiki

Jump to: navigation, search
Line 13: Line 13:
  
  
With the help of the command line you can check, if the created user is  qualified to read the LDAP entries.
+
With the following command line you can check, if the created user is  qualified to read the LDAP entries.
 
Execute the following command:
 
Execute the following command:
 
  univention-ldapsearch -LLL -D uid=<LDAP user>,cn=users,dc=example,dc=com -W
 
  univention-ldapsearch -LLL -D uid=<LDAP user>,cn=users,dc=example,dc=com -W
  
Enter the password of the LDAP user. After that, the LDAP entries should be read by the LDAP user.
+
and enter the password of the LDAP user. After that, you should get a overview of all LDAP entries.
 
[[Category:EN]][[Category:Howtos]]
 
[[Category:EN]][[Category:Howtos]]

Revision as of 13:05, 14 April 2016

Produktlogo UCS Version 4.1

Note: Cool Solutions are articles documenting additional functionality based on Univention products. Not all of the shown steps in the article are covered by Univention Support. For questions about your support coverage contact your contact person at Univention before you want to implement one of the shown steps.

Also regard the legal notes at Terms of Service.
Note: This article is not yet reviewed.


For security reasons we recommend to create a simple authentication user, which can only read LDAP entries.

First things first you go to the UMC and open the Users module and add a new user. Klick on Advanced in the new Window.

This site shows you the advanced settings of a user creation


Fill out all neccessary text fields (lastname, username and a safety password) and go to the "Option" tab. Untag all checkboxes except "simple authentication".

Untag all checkboxes except simple authentication


With the following command line you can check, if the created user is qualified to read the LDAP entries. Execute the following command:

univention-ldapsearch -LLL -D uid=<LDAP user>,cn=users,dc=example,dc=com -W

and enter the password of the LDAP user. After that, you should get a overview of all LDAP entries.

Personal tools