The following examples are taking from various ldapsearch queries on Small Business Server 2003.

ldapsearch -x -LLL -D 'CN=Administrator,CN=Users,DC=Domain,DC=local' -W -H ldap://ad.example.com:389 -b 'OU=SBSUsers,OU=Users,OU=MyBusiness,DC=Domain,DC=local' -s sub '(sAMAccountName=jean-kevin)'

• the “-x” switch enables simple authentication, instead of SASL
• -LLL is just a display switch, to get LDIF information only, without comments
• -D is the DN of the user used to bind to the LDAP server, -W will prompt for password on the command line
• -H is the address of the LDAP server
• -b is the base of the search (where it will start), can be anywhere in the tree. Lower is better to filter the search.
• -s sub indicates we want to search in the leaves
• the last parameter is the filter in ldap filter format

ldapsearch -x -LLL -D 'CN=Administrator,CN=Users,DC=Domain,DC=local' -W -H ldap://ad.example.com:389 -b 'OU=Security Groups,OU=MyBusiness,DC=Domain,DC=local' -s sub '(&(objectClass=group)(member=CN=Jean-Kevin De La Motte,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=Domain,DC=local))'