Verifying Active Directory account by command

Purpose of the Command

The ldapsearch tool queries an LDAP directory such as Active Directory. Here it confirms that you can connect and bind to the server, then retrieves a user's entry based on the sAMAccountName.

ldapsearch -x -H ldap://server1.dmz.home.mvtc.milad.local \
  -D "CN=Milad Mehrabi,OU=VendorUser,DC=dmz,DC=home,DC=mvtc,DC=milad,DC=local" \
  -W \
  -b "DC=dmz,DC=home,DC=mvtc,DC=milad,DC=local" \
  "sAMAccountName=mmilad"

Options Explained:

  • ldapsearch: CLI tool for querying LDAP directories.
  • -x: Use simple authentication instead of SASL. Over plain ldap:// a simple bind sends the bind DN and password unencrypted, so use ldaps:// or add -ZZ (require StartTLS) where the server supports it.
  • -H ldap://...: LDAP URI specifying the server to connect to.
  • -D "CN=...": Bind DN (Distinguished Name) – the user to authenticate as (in this case, "Milad Mehrabi").
  • -W: Prompt for the password instead of passing it on the command line, which keeps it out of shell history and the process list.
  • -b "DC=...": Base DN – the point in the directory tree where the search begins.
  • "sAMAccountName=mmilad": The filter – searches for a user with this login name.
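
To turn the raw query output into an answer about the account, the following added example (not part of the original page) parses ldapsearch LDIF output and reports whether the account exists and whether it is disabled. It assumes the query above is run with -LLL and the attribute list sAMAccountName userAccountControl appended; the function name account_status and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). Input is LDIF as printed by the
# page's query with -LLL and "sAMAccountName userAccountControl" appended.

# account_status: read LDIF on stdin, print one of
#   not_found | ambiguous | unknown | disabled | enabled
account_status() {
  awk '
    function finish_line() {
      if (buf ~ /^dn::? /) entries++                  # one "dn:" line per entry
      else if (tolower(buf) ~ /^useraccountcontrol: /) {
        sub(/^[^:]*: /, "", buf); uac = buf + 0; seen = 1
      }
      buf = ""
    }
    /^ / { buf = buf substr($0, 2); next }            # folded LDIF line: unfold
         { finish_line(); buf = $0 }
    END  {
      finish_line()
      if (entries == 0)      print "not_found"
      else if (entries > 1)  print "ambiguous"        # filter matched several objects
      else if (!seen)        print "unknown"          # attribute was not returned
      else if (int(uac / 2) % 2) print "disabled"     # ACCOUNTDISABLE bit (0x2) set
      else                   print "enabled"
    }'
}

# Constructed sample output (not captured from a real server); the dn is folded.
SAMPLE_DISABLED='dn: CN=Milad Mehrabi,OU=VendorUser,DC=dmz,DC=home,DC=mvtc,DC=milad,DC=lo
 cal
sAMAccountName: mmilad
userAccountControl: 514
'
SAMPLE_ENABLED='dn: CN=Milad Mehrabi,OU=VendorUser,DC=dmz,DC=home,DC=mvtc,DC=milad,DC=local
sAMAccountName: mmilad
userAccountControl: 512
'

printf '%s\n' "$SAMPLE_DISABLED" | account_status
printf '%s\n' "$SAMPLE_ENABLED" | account_status
```

An empty result with a successful bind means the filter matched nothing under the base DN, which is a different outcome from a bind failure reported by ldapsearch itself.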
