Symas OpenLDAP Knowledge Base

Using ldapwhoami

Syntax

  `ldapwhoami <opts> [-D bindDN (-w|-W)]`

Purpose

  • The ldapwhoami command serves two purposes:
    1. It is used to test authentication
    2. It is used to confirm the identity of the user that binds

We recommend that you use simple binds (-x) with the -W option (prompt for password). With the -w option, the password is given on the command line and is stored in the shell’s history.

ldapwhoami Examples

# Test if a password a user is binding with is correct (successful result)
ldapwhoami -x -H ldap:/// -D "cn=May Gaul,ou=Accounting,dc=example,dc=com" -w secret
dn: cn=May Gaul,ou=Accounting,dc=example,dc=com

# Test if a password a user is binding with is correct (unsuccessful result)
ldapwhoami -x -H ldap:/// -D "cn=May Gaul,ou=Accounting,dc=example,dc=com" -w secrot
ldap_bind: Invalid credentials (49)

# See what identity the Linux root user maps to with a SASL bind
ldapwhoami -Q -Y EXTERNAL
dn: dc=example,dc=com
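
The -w recommendation earlier on this page can be turned into a check. The following is an added example, not part of the original page: a shell function that scans history text for ldapwhoami invoked with an inline -w password and reports each hit with the password removed. It goes beyond the page by also covering the other OpenLDAP client tools that share -w; the function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: audit shell history for OpenLDAP
# client commands that passed the bind password inline with -w.

# Constructed sample history; two lines reuse the page's example commands.
sample_history() {
    cat <<'EOF'
ldapwhoami -x -H ldap:/// -D "cn=May Gaul,ou=Accounting,dc=example,dc=com" -w secret
ldapwhoami -x -H ldap:/// -D "cn=May Gaul,ou=Accounting,dc=example,dc=com" -W
ldapwhoami -Q -Y EXTERNAL
/usr/bin/ldapsearch -x -D cn=admin,dc=example,dc=com -wconstructed-pw -b dc=example,dc=com
grep -w ldap /etc/services
EOF
}

# audit_ldap_history [FILE]   (reads stdin when FILE is omitted)
# Prints "<line number>: <command up to -w> -w [REDACTED]" for each hit.
# Returns 0 if at least one hit was found, 1 if the input is clean.
audit_ldap_history() {
    awk '
    {
        # Locate an OpenLDAP client tool: bare, with a path, or after ";".
        tool = 0
        for (i = 1; i <= NF && !tool; i++) {
            t = $i
            sub("^.*[/;|&(]", "", t)
            if (t ~ /^ldap(whoami|search|modify|add|delete|passwd|compare|modrdn|exop)$/)
                tool = i
        }
        if (!tool) next

        # awk matching is case-sensitive, so -W (prompt) never matches here.
        for (i = tool + 1; i <= NF; i++)
            if (($i == "-w" && i < NF) || $i ~ /^-w./) {
                # Drop everything from the password onward, so a quoted
                # password containing spaces cannot leak into the report.
                out = $1
                for (j = 2; j < i; j++) out = out " " $j
                print NR ": " out " -w [REDACTED]"
                found = 1
                break
            }
    }
    END { exit(found ? 0 : 1) }
    ' "${1:--}"
}

# Demo on the constructed sample.
sample_history | audit_ldap_history
```

Pass a history file as the argument, for example the file your shell writes its history to. A password that shows up in the report should be treated as exposed and changed.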

ldapwhoami Man Page