using ldapsearch to return only a value

Question

using an OPENLDAP server i want to retrieve informations from it with ldapsearch. I created a custom class called iduriclass, this class is used to store an id and an uri. in my ldapsearch command i want it to return only the uri for a specified id.

EXAMPLE : the directory contain now two entries id=test uri=server.com/test and id=test2 uri=server.com/test2

Trying it i get an ldif file that contains all uris in the server

I want to have an ldapsearch command that takes test as argument and returns only a value that is : server.com/test

Why not add your query string and the actual ldapsearch command used into your question? — , Jan 01 '14 at 14:23

alvits · Accepted Answer · 2014-01-01T19:17:58.630

29

Here's how you query your ldap server.

HOSTNAME=<your ladap hostname>
USERNAME=<your ldap username>
PASSWORD=<your ldap username's password>
SEARCHBASE=<your ldap's search base DN>
QUERYSTRING=test1
PORT=<your ldap port>

ldapsearch -LLL -h ${HOSTNAME} -p $PORT -D cn=${USERNAME} -w ${PASSWORD} -b "${SEARCHBASE}" "(id=${QUERYSTRING})" uri | sed -n 's/^[ \t]*uri:[ \t]*\(.*\)/\1/p'

The option -LLL will not print ldap comments on output. Your ldap may require -x (simple authentication) if it doesn't support SASL.

edited Jan 01 '14 at 19:17

answered Jan 01 '14 at 18:47

alvits

6,550
1
28
28

1

i did this and the result was: dn: id=test,dc=example,dc=com uri: server.com/test/file i want it to output only : server.com/test/file – Reda Jan 01 '14 at 19:06
1

Check my edit. ldapsearch will always return the dn: so piping to sed and removing it and the attribute name uri: leaves only the attribute value. – alvits Jan 01 '14 at 19:19
The [answer](https://stackoverflow.com/a/44671354/7715759) from badc0de spares you the parsing and is additionally working with multiple line attributes (as sshpupkeys might have) – ben Nov 24 '21 at 13:59

score 4 · Answer 2 · edited Nov 02 '22 at 19:41

4

Adding the parameter -tt writes a file with ONLY the requested attribute(s) value as the OP requested. No preceding field name or anything else. Path is configurable with -T, otherwise is /tmp

edited Nov 02 '22 at 19:41

miken32

42,008
16
111
154

answered Jun 21 '17 at 08:56

badc0de

167
3

`-t[t] A single -t writes retrieved non-printable values to a set of temporary files. This is useful for dealing with values containing non-character data such as jpegPhoto or audio. A second -t writes all re‐trieved values to files.` – Jonathan Jan 27 '22 at 17:35
`-T path Write temporary files to directory specified by path (default: /var/tmp/)` – Jonathan Jan 27 '22 at 17:36

using ldapsearch to return only a value

2 Answers2