search

veo-labs / ldap-server-mock

Really simple basic mock for LDAP server
GNU Affero General Public License v3.0
67 stars 26 forks source link

Need help with some examples of searching a user #10

Open akrammohammed111 opened 4 years ago

akrammohammed111 commented 4 years ago

This is really great, I am trying to set this up for my internal testing. I am using an LDAP Admin tool, When trying to Fetch the DNs, it says "LDAP error! No such object: No tree found for: ." Able to do test connection successfully but on fetching the DNs it gives me an error. Using this as username as per the users.json "cn=user,dc=test".

Please let me know if I am missing something. Thanks, Akram

maxime-beguin commented 4 years ago

Hi,

Have a look to the README.md file on the develop branch (it is not released yet), we just had an example with ldapsearch command to check if everything is ok.

akrammohammed111 commented 4 years ago

@maxime-beguin : Thank you for your response. I am trying to run this on windows without command line tools, so not able to use the ldapsearch command you have shared.

For me to search an user using LDAP Admin tool, I need to perform successful bind, Can you tell me the bind user that I need to use for this and the password that user.

I was looking into it the code and found that 'cn=root' and Password = 'secret' has the full access, I tried using this but still no luck.

I also have a program using which I perform bind, When I try to bind using the program I have to pass some username and password and on doing this, the ldap application crashes(command prompt closes) and I get an error saying 'Directory server unavailable'

This program binds successfully when I run it against an actual AD.

Thanks again for looking into this. Really appreciate your efforts.

maxime-beguin commented 4 years ago

@akrammohammed111 : thank you for your support.

No verification is made while identifying to the LDAP server API so you can use some fake user as long as it respects the searchBase (dc=test in the README.md example) like cn=root,dc=test without password (or empty password), it should do the trick. The ldapsearch command uses the -x option to deactivate authentication but we could have written something like this:

ldapsearch -D "cn=root,dc=test" -H ldap://127.0.0.1:3004 -b "dc=test" "(&(objectclass=person)(cn=user-login))" attribute1 attribute2