Legatus wrote: > I have tried with this search, and also using the userid that I am > requesting the information from. So "uid=me,ou=people,dc=mydc" to get > info on "uid=me,ou=people,dc=mydc" > > ldapsearch -x -b 'ou=people,dc=mydc' -s sub -D 'cn=directory manager' > -w <password> "objectclass=*" attrs="passwordExpWarned > passwordExpirationTime" Don't use attrs="..." Just specify them on the command line - ... "objectclass=*" passwordExpWarned passwordExpirationTime If you want all regular attributes plus the additional operational attributes, use "*" e.g. ldapsearch .... "objectclass=*" \* passwordExpWarned passwordExpirationTime ldapsearch --help ... usage: ldapsearch [options] [filter [attributes...]] where: filter RFC-2254 compliant LDAP search filter attributes whitespace-separated list of attribute descriptions Note that openldap has a special attribute called "+" but this is not supported by Fedora DS. > > > On Fri, Mar 7, 2008 at 9:39 AM, Rich Megginson <rmeggins at redhat.com > <mailto:rmeggins at redhat.com>> wrote: > > Legatus wrote: > > I am new to the list, and I apologize if this question has been > > answered before. > > > > I haven't done much programming for LDAP, though I have been > managing > > directories for years. I am working with some developers, who a) > > aren't very imaginative, b) not very clever, and c) lazy. So I need > > to know how to get at the password information that says a password > > has expired, is about to expire, et. al. I have tried to query > for the > > attributes using ldapsearch that seem to be what I want, like > > passwordexpirationtime, but I get nothing back. > Can you post your exact ldapsearch command line? Note that > passwordexpirationtime and other password attributes in user > entries are > operational attributes - this means they are not retrieved by default > with an LDAP search but must be explicitly listed in the list of > attributes to retrieve. > > They all figure I should know the magic incantation, since I > know how > > to make the directory work, and usually that would be the case. This > > time I am stuck. Anyone solved this problem. I am running FDS 1.0.2, > > and 1.0.4. I get the same result in both. Any help would be great. > > > ------------------------------------------------------------------------ > > > > -- > > Fedora-directory-users mailing list > > Fedora-directory-users at redhat.com > <mailto:Fedora-directory-users at redhat.com> > > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > <mailto:Fedora-directory-users at redhat.com> > https://www.redhat.com/mailman/listinfo/fedora-directory-users > > > > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20080307/cd330596/attachment.bin
