Forum Discussion
Rosieodonell_16
Oct 11, 2016 (Cirrus)
Trying to LDAP query an AD LDS field
I currently have an access policy where I need to LDAP query a custom field on an AD LDS server. I get the following error when I try:
LDAP Module: Failed to bind with 'CN=testuser,OU=Service Accounts,OU=Groups,OU=Acounts,DC=domain,DC=com'. Internal (implementation specific) error.
I first authenticate users with AD auth to a different set of AD servers. The AD LDS server only has user info and a few custom fields. I want to run an ldapsearch from the F5 but I don't really know the syntax. I do have the following info:
- user account is testuser
- user account password is testpassword
- AD LDS Instance = DC=F5userAttribute,DC=domain,DC=com
- AD LDS server IP is 10.18.24.210
- the field I need to pull data from is "customSecretKey"
Just wondering what the syntax of the ldapsearch command will be.
Try this:
ldapsearch -x -LLL -h 10.18.24.210 -D "CN=testuser,OU=Service Accounts,OU=Groups,OU=Acounts,DC=domain,DC=com" -W -b "DC=F5userAttribute,DC=domain,DC=com" customSecretKey
Today I needed to run ldapsearch myself again. This one worked for me:
ldapsearch -x -LLL -h 10.23.92.2 -D 'Administrator@example.com' -w 2secret! -b 'dc=example,dc=com' -s sub "(|(sAMAccountName=john.doe@example.com)(userPrincipalName=john.doe@example.com))" sAMAccountName
Did you get it to work for you?
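Reading customSecretKey out of the `ldapsearch -LLL` output produced by the commands above, as an added example that is not part of the original thread: LDIF folds long values onto continuation lines and base64-encodes some values (marked `::`), so a plain grep can return a truncated or still-encoded key. The helper name `ldif_attr`, the sample entries, the `(cn=testuser)` filter and the `ldaps://` listener in the usage comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Extract one attribute from `ldapsearch -LLL` (LDIF) output.
#
# Assumed usage, with host and base DN taken from the question; the
# (cn=testuser) filter and the ldaps:// listener are assumptions. -W prompts
# for the bind password so it stays out of the process list, and ldaps://
# keeps the simple bind (-x) from crossing the network in clear text:
#   ldapsearch -x -LLL -H ldaps://10.18.24.210 -D "<bind DN>" -W \
#     -b "DC=F5userAttribute,DC=domain,DC=com" "(cn=testuser)" customSecretKey \
#     | ldif_attr customSecretKey

ldif_attr() {
    attr=$1   # matched exactly as written; LDAP itself ignores attribute case
    # Step 1: unfold. A line starting with one space continues the previous one.
    awk '
        /^ / { buf = buf substr($0, 2); next }
        { if (buf != "") print buf; buf = $0 }
        END { if (buf != "") print buf }
    ' |
    # Step 2: keep only the requested attribute; "::" marks a base64 value.
    while IFS= read -r line; do
        case $line in
            "$attr:: "*) p="$attr:: "; v=${line#"$p"}; printf '%s' "$v" | base64 -d; echo ;;
            "$attr: "*)  p="$attr: ";  v=${line#"$p"}; printf '%s\n' "$v" ;;
        esac
    done
}

# Constructed sample output (not from a real directory): one folded value and
# one base64 value (LDIF encodes it because the value ends with a space).
sample_ldif() {
    cat <<'EOF'
dn: CN=alice,DC=F5userAttribute,DC=domain,DC=com
customSecretKey: ABCDEFGH
 IJKLMNOP

dn: CN=bob,DC=F5userAttribute,DC=domain,DC=com
customSecretKey:: a2V5MSA=

EOF
}

sample_ldif | ldif_attr customSecretKey
```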