CSI - LDAP Recipes for Active Directory
We include these docs here so that they are available in the off chance that they might prove of interest.
Some LDAP Recipes for Wolftech
These are short, hopefully cut-n-pasteable shell commands to do stuff in wolftech. Before you use it, you should set some environmental variables according to weather you wish to operate in the RENV (PCI) domain or not.
The ldap client tools are installed with
yum install openldap-clients on RHEL.
If you’re working in RENV
binddn=$USER.re@WOLFTECH.AD.NCSU.EDU # eg "jaklein.re@WOLFTECH.AD.NCSU.EDU" base="OU=CSI,OU=ConnectedSystems,OU=PCI-DSS,OU=Regulatory,DC=wolftech,DC=ad,DC=ncsu,DC=edu"
If you are not working in RENV
binddn=$USER.admin@WOLFTECH.AD.NCSU.EDU # eg "jaklein.admin@WOLFTECH.AD.NCSU.EDU" base="OU=NIX,OU=Services,OU=OIT,OU=NCSU,DC=wolftech,DC=ad,DC=ncsu,DC=edu"
List all computer objects associated with CSI
ldapsearch -h wolftech.ad.ncsu.edu -LLL -o ldif-wrap=no \ -D $binddn -x -W -Z \ -b $base \ "(objectclass=computer)" \ cn operatingSystem
All info about one particular computer
# It never hurts to follow the Windows convention of hostnames in # UPPER CASE, and it may be needed. # Note that fqdn is NOT used by AD. Savages. adcomputer=CSITEST1 ldapsearch -h wolftech.ad.ncsu.edu -LLL -o ldif-wrap=no \ -D $binddn -x -W -Z \ -b $base \ "(&(objectclass=computer)(cn=$adcomputer))"
Delete host completely
adcomputer=CSITEST1 ldapdelete -h wolftech.ad.ncsu.edu \ -D $binddn -x -W -Z\ "CN=$adcomputer,$base"