Legatus wrote:
I have tried with this search, and also using the userid that I am requesting the information from. So "uid=me,ou=people,dc=mydc" to get info on "uid=me,ou=people,dc=mydc"Don't use attrs="..." Just specify them on the command line - ... "objectclass=*" passwordExpWarned passwordExpirationTime If you want all regular attributes plus the additional operational attributes, use "*" e.g.ldapsearch -x -b 'ou=people,dc=mydc' -s sub -D 'cn=directory manager' -w <password> "objectclass=*" attrs="passwordExpWarned passwordExpirationTime"
ldapsearch .... "objectclass=*" \* passwordExpWarned passwordExpirationTime ldapsearch --help ... usage: ldapsearch [options] [filter [attributes...]] where: filter RFC-2254 compliant LDAP search filter attributes whitespace-separated list of attribute descriptionsNote that openldap has a special attribute called "+" but this is not supported by Fedora DS.
On Fri, Mar 7, 2008 at 9:39 AM, Rich Megginson <rmeggins@xxxxxxxxxx <mailto:rmeggins@xxxxxxxxxx>> wrote:Legatus wrote: > I am new to the list, and I apologize if this question has been > answered before. > > I haven't done much programming for LDAP, though I have been managing > directories for years. I am working with some developers, who a) > aren't very imaginative, b) not very clever, and c) lazy. So I need > to know how to get at the password information that says a password > has expired, is about to expire, et. al. I have tried to query for the > attributes using ldapsearch that seem to be what I want, like > passwordexpirationtime, but I get nothing back. Can you post your exact ldapsearch command line? Note that passwordexpirationtime and other password attributes in user entries are operational attributes - this means they are not retrieved by default with an LDAP search but must be explicitly listed in the list of attributes to retrieve. > They all figure I should know the magic incantation, since I know how > to make the directory work, and usually that would be the case. This > time I am stuck. Anyone solved this problem. I am running FDS 1.0.2, > and 1.0.4. I get the same result in both. Any help would be great. > ------------------------------------------------------------------------ > > -- > Fedora-directory-users mailing list > Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> > https://www.redhat.com/mailman/listinfo/fedora-directory-users > -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx <mailto:Fedora-directory-users@xxxxxxxxxx> https://www.redhat.com/mailman/listinfo/fedora-directory-users ------------------------------------------------------------------------ -- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
<<attachment: smime.p7s>>
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
