On Mon, 2011-02-14 at 12:29 -0500, Deny IP Any Any wrote: > My Google-fu has failed me... > > I have a linux box, and also an Active Directory domain. I'd like to > read the membership of a AD group from my Linux box (NOT join the > domain, or have users cross-authenticate, etc). Is there an easy to > way to do this? >
Active Directory is LDAP minus a few of the amenities that servers such as OpenLDAP provide. So you use an LDAP client. For example, from the Linux command line, something like: ldapsearch -x -h directory.mousetech.com '(uid=jsmith)' Though probably not QUITE that simple, since AD should properly be requiring a bind DN and maybe a base DN as well. ldapsearch -W -h directory.mousetech.com -D cn=binduser,dc=mousetech.com -B dc=mousetech,dc=com '(uid=fredsmith)' Most popular Linux programming languages have some sort of LDAP client library. Java subclasses a generic Java Naming and Directory Information (JNDI) package. Python has the python_ldap package, Perl as its own packages available via CPAN, and so forth. Tim --------------------------------------------------------------------- Archive http://marc.info/?l=jaxlug-list&r=1&w=2 RSS Feed http://www.mail-archive.com/[email protected]/maillist.xml Unsubscribe [email protected]
