First, I am by no means an LDAP expert; however, there are a lot of things here that are troublesome.
The primary issues are binddn, base, and ldapsearch.
Think of binddn and base as backwards paths - base is your root node to your LDAP directory - in this case it would be your domain:
Code:
base dc=powellitc,dc=com
Your binddn would be considered your root login, and in order for LDAP to recall information it needs a path to get to it, so it would look like this:
Code:
binddn cn=Administrator,cn=Users,dc=powellitc,dc=com
Keep in mind this information MUST match the slapd.conf file on the LDAP server.
Also - I'm assuming all directory information has been loaded into the server correctly.
If it has not, you will continue to get no results.
OK - so a couple of things about ldapsearch:
When using certificates, simple authentication isn't required (-x, -W). You may still use simple authentication if it is set up within the slapd.conf file on the LDAP server. Listed below are a few examples of ldapsearch calls with explanations:
Code:
ldapsearch -D "cn=Administrator,cn=Users,dc=powellitc,dc=com" -x -W "*"
This will use simple authentication (no certificate) and will return all attributes listed within server with their values.
Note: ldapsearch by default uses sub as its scope, meaning it will search all directories including subdirectories. You can change the scope with -s and one of three values (base, sub, children).
Code:
ldapsearch -D "cn=Administrator,cn=Users,dc=powellitc,dc=com" -x -W uid=myID
The example listed above uses simple authentication and will return all attributes for objects associated with uid=myID.
To list only attributes stored in directory structure use:
Code:
ldapsearch -D "cn=Administrator,cn=Users,dc=powellitc,dc=com" -x -W -A
To list specific information about a directory structure search use:
Code:
ldapsearch -D "cn=Administrator,cn=Users,dc=powellitc,dc=com" -x -W uid=myID sn cn shadowMin
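
The base/binddn relationship described in the post, as an added example that is not part of the original post: a POSIX shell check that the `binddn` in a client config sits under `base`, which then prints the matching `ldapsearch` call. The function names, the constructed sample config and the `-b` search-base option are additions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post): verify binddn sits under base.

# Constructed sample client config, using the values from the post.
sample_conf() {
    printf '%s\n' '# constructed sample' \
        'base dc=powellitc,dc=com' \
        'binddn cn=Administrator,cn=Users,dc=powellitc,dc=com'
}

# conf_value KEY: print the value of the first "KEY value" line on stdin.
conf_value() {
    awk -v key="$1" 'tolower($1) == key {
        sub(/^[ \t]*[^ \t]+[ \t]+/, ""); sub(/[ \t]+$/, ""); print; exit }'
}

# normalize_dn DN: lower-case and drop spaces around "," and "=".
# Simplification: commas escaped inside a value (\,) are not handled.
normalize_dn() {
    printf '%s\n' "$1" | tr 'A-Z' 'a-z' |
        sed -e 's/[[:space:]]*,[[:space:]]*/,/g' -e 's/[[:space:]]*=[[:space:]]*/=/g'
}

# dn_under_base DN BASE: succeed when DN equals BASE or ends in ",BASE".
# The comma anchors the match on a whole component, so a DN ending in
# dc=otherpowellitc,dc=com does not pass for base dc=powellitc,dc=com.
dn_under_base() {
    n_dn=$(normalize_dn "$1"); n_base=$(normalize_dn "$2")
    [ -n "$n_base" ] || return 1
    case "$n_dn" in
        "$n_base"|*,"$n_base") return 0 ;;
        *) return 1 ;;
    esac
}

# search_cmd FILTER: read the config on stdin, check it, and print (not run)
# the ldapsearch call. -b (search base) is an addition to the post's options.
search_cmd() {
    conf=$(cat)
    c_base=$(printf '%s\n' "$conf" | conf_value base)
    c_binddn=$(printf '%s\n' "$conf" | conf_value binddn)
    if ! dn_under_base "$c_binddn" "$c_base"; then
        echo "binddn '$c_binddn' is not under base '$c_base'" >&2
        return 1
    fi
    printf 'ldapsearch -x -W -D "%s" -b "%s" "%s"\n' "$c_binddn" "$c_base" "$1"
}

sample_conf | search_cmd 'uid=myID'
```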