Norbert Weuster's questions -server

Norbert Weuster

Asked: 2019-03-22 11:03:50 +0800 CST

ldapsearch show member entries without CN

I am using ldapsearch on a debian 9 Linux box to query a MS Active Directory. I would like to query/find all users in my group "mygroupname". The command

ldapsearch -o ldif-wrap=no -xWLLL -D "myaccount" -h mydomain -b "ou=user,dc=mydc,dc=com" "cn=mygroupname" member

has the following output:

dn: CN=mygroupname,OU=user,DC=mydc,DC=com
member: CN=Paula Normal,OU=whatever,OU=...,OU=...,OU=...,DC=mydc,DC=com
member:: Q049QmV0dGluYSBUw7Zs...................9nbmUsT1U9RGV1dHNjwdGEsREM9Y29t
member: CN=Peter Testman,OU=whatever2,OU=...,OU=...,OU=...,DC=mydc,DC=com
...

I compared the output with the AD-GUI. The the second entry should be another valid user, but the output is unexpected and unreadable. The CN,OU,DC information is missing. I found out that the strange entries are valid, but are base64-encoded.

Where is the fault? Is there any corruption in the AD? Is my query command wrong? Why are some entries base64-encoded. How to get the right output?

ldapsearch show member entries without CN

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?