Hello Im facing issues trying to get the attribute of some of my users . Most of them are placed under the same OU "Users" but some of ther are placed on several different OU (INTERNATIONAL USERS or EXTERNAL USERS etc)
Right now Im trying to get the attribute sAMAccountName like this :
ldapsearch -u someuser -w somepasword -v -x -H ldap://my.ldap.ip.dir
-D "CN=MYCN,OU=GENERIC USERS,OU=USERS,DC=set,DC=ads,DC=myorg,DC=ca"
-b "CN=SAMUEL L JACKSON,OU=DEL,OU=USERS,DC=set,DC=ads,DC=myorg,DC=ca" "(&(objectclass=group)(cn=G LAW *))"
sAMAccountName
But some of the users are not under OU=USERS and I can find them at several locations :
ldapsearch -u someuser -w somepasword -v -x -H ldap://my.ldap.ip.dir
-D "CN=MYCN,OU=GENERIC USERS,OU=USERS,DC=set,DC=ads,DC=myorg,DC=ca"
-b "CN=SAMUEL L JACKSON,OU=DEL,OU=INTERNATIONAL USERS,DC=set,DC=ads,DC=myorg,DC=ca" "(&(objectclass=group)(cn=G LAW *))"
sAMAccountName
or
ldapsearch -u someuser -w somepasword -v -x -H ldap://my.ldap.ip.dir
-D "CN=MYCN,OU=GENERIC USERS,OU=USERS,DC=set,DC=ads,DC=myorg,DC=ca"
-b "CN=SAMUEL L JACKSON,OU=DEL,OU=EXTERNAL USERS,DC=set,DC=ads,DC=myorg,DC=ca" "(&(objectclass=group)(cn=G LAW *))"
sAMAccountName
What I would love is to be able to search recursively at -b "CN=SAMUEL L JACKSON,OU=DEL" and get the sAMAccountName at everywhere (maybe they are at INTERNATIONAL USERS or maybe they are at EXTERNAL USERS or at another OU at the same level)
You need to change the search base to DC=set,DC=ads,DC=myorg,DC=ca (like with FQDN's: reading right to left, keeping the longest part that is common to all matching entries).
Also, the filter is wrong because you don't want group entries starting with specific cn but user entries :
(&(objectCategory=person)(objectClass=user))
If you need only users that are member of a specific group, then you would use :
(&(objectCategory=person)(objectClass=user)(memberOf=<groupDN>))
Related
I want to export a postgresql database named "kd" with all roles, tablespaces, etc. I run the command pg_dumpall -U sce -h localhost -p 5450 -d kd > /tmp/db.sql I get the error
pg_dumpall: missing "=" after "kd5" in connection info string
I run the command pg_dumpall -U sce -h localhost -p 5450 > /tmp/db.sql
I get the error
pg_dumpall: query was: SELECT oid, rolname, rolsuper, rolinherit, rolcreaterole, rolcreatedb, rolcanlogin, rolconnlimit, rolpassword, rolvaliduntil, rolreplication, pg_catalog.shobj_description(oid, 'pg_authid') as rolcomment, rolname = current_user AS is_current_user FROM pg_authid ORDER BY 2
How can fix this problem ?
I need help sending text to a particular group using the adb shell.
Searching the forums here, I found the code below:
adb shell am start -n com.whatsapp/.Main
adb shell am start -a android.intent.action.SEND -t text/plain -e jid
'xxxxxxxxxxx#s.whatsapp.net' --eu android.intent.extra.STREAM
file:///storage/emulated/0/DCIM/Camera/IMG_20181025_223214.jpg -p com.whatsapp
the question is:
How to identify a group's JID.
How to change this code to send a text instead of a file.
Groups jid you can get in messages.db at chat_list table by gorup name (subject column) or at messages table by message text. it will be like 77787987018-1602484814#g.us.
To send text u can use this command:
am start -a android.intent.action.SEND -c android.intent.category.DEFAULT -t text/plain -e jid {user jid} -e android.intent.extra.TEXT "{text}" -p {whatsapp packet name}
I have a very specific problem with bash and curl.
What we do is:
reading a password from jenkins and paste it to a config-file (i don't have access to the password)
read parameters from config-file in bash (host, user, password, etc.) and store it in variables
post something with curl to a database and store the result in a variable
Recently we added shellcheck to our deploy-scripts and therefore we need to put the variables in quotes.
That's the request we want to send (shellcheck-approved):
result=$(curl -s -XPOST "${dbURL}" --header "Authorization: Basic $(echo -n "${dbUser}:${dbPwd}" | base64)" --data-binary "blabla")
And here's the error message we get in return:
{"error":"authorization failed"}
It does work, when I unquote the password-variable ("${dbUser}":${dbPwd}). But then spellcheck complains, that I need to put all variables in quotes. Also it does work on another machine with different password (which I have no access to either).
It is the same, when I use --user username:password. So it seems like the problem lies within the password.
Using google and testing the procedure (without the curl) with different special characters couldn't solve it either.
Has anyone experienced something like this?
Edit1:
This is an extract from jenkins-deploy-file ..
stage('config files') {
withCredentials([string(credentialsId: "${env_params.db_password}", variable: 'db_pw')]) {
sshagent(credentials: ["${env_params.user}"]) {
sh "echo \"dbPwd=${db_pw}\" >> environment_variables/config.properties"
This is how the shell script stores the password ..
dbPwd=$(grep ^"$dbPwd" <PATH>/config.properties | cut -d "=" -f2)
thanks for your support.
It seems like there are trailing whitespaces in the password-storage.
I removed them using sed and now it works.
dbPwd=$(grep ^"$dbPwd" <PATH>/config.properties | cut -d "=" -f2 | sed -e 's/[[:space:]]*$//')
You can just set the password in another file and use the content of the file as your password variable.
I have the SID string of a user/group in a Microsoft AD server. Now from this SID string, is it possible to check if it belongs to a user or a group, and if it is a group, get the members of the group ?
From whatever I could search for, I could get only the reverse; i.e., all the groups that a member belongs to. But what I need is a way to get all the members of a given group (whose SID is known).
Edit: I am using openldap on Linux to talk with the AD server btw.
Wouldn't the following work? Lookup the user by objectsid and then look at the "memberof" field.
ldapsearch -vvv -h <ad-server> -p <port> -D <bindn> -w <passwd> -b <basedn> "objectSid=<sid>" memberOf
If you have the SID of the group, you can lookup the group based on objectsid and then look at the "member" field
ldapsearch -vvv -h <ad-server> -p <port> -D <bindn> -w <passwd> -b <basedn> "objectSid=<sid>" member
I have been googling this problem to no avail.
I want to list just the users belonging to a particular group without extraneous data in osx terminal, I thought the dscl utility would be capable of doing this but so far I have been unable to craft out the right command if indeed it is capable of such an act.
To query a local group:
$ dscl . -read /groups/<groupname> | grep GroupMembership
dscacheutil -q group -a name staff
or
dscacheutil -q group -a name admin
etc... get it?
Use this shell function, which calls dsmemberutil checkmembership for every user. For example: members everyone. (Source: https://superuser.com/questions/279891/list-all-members-of-a-group-mac-os-x )
members () { dscl . -list /Users | while read user; do printf "$user "; dsmemberutil checkmembership -U "$user" -G "$*"; done | grep "is a member" | cut -d " " -f 1; };
members <group>
Other methods using dscl . -read and dscacheutil are incomplete. For example:
dscl . -read /groups/everyone | grep GroupMembership
dscacheutil -q group -a name everyone
do not list any users, whereas the shell function does.