====== LdapSearch examples ======

The following examples are taking from various ldapsearch queries on Small Business Server 2003.

===== Get a user from Active Directory =====

<code>
ldapsearch -x -LLL -D 'CN=Administrator,CN=Users,DC=Domain,DC=local' -W -H ldap://ad.example.com:389 -b 'OU=SBSUsers,OU=Users,OU=MyBusiness,DC=Domain,DC=local' -s sub '(sAMAccountName=jean-kevin)'
</code>

  * the "-x" switch enables simple authentication, instead of SASL
  * -LLL is just a display switch, to get LDIF information only, without comments
  * -D is the DN of the user used to bind to the LDAP server, -W will prompt for password on the command line
  * -H is the address of the LDAP server
  * -b is the base of the search (where it will start), can be anywhere in the tree. Lower is better to filter the search.
  * -s sub indicates we want to search in the leaves
  * the last parameter is the filter in ldap filter format


===== Get the security groups a user is a member of =====

<code>
ldapsearch -x -LLL -D 'CN=Administrator,CN=Users,DC=Domain,DC=local' -W -H ldap://ad.example.com:389 -b 'OU=Security Groups,OU=MyBusiness,DC=Domain,DC=local' -s sub '(&(objectClass=group)(member=CN=Jean-Kevin De La Motte,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=Domain,DC=local))'
</code>