Notes to Self

Alex Sokolsky's Notes on Computers and Programming

LDAP and AD

From LDAP Query Examples for AD:

AD exports its attributes according to its own schema, which, unlike the Unix ENG LDAP, does not set “uid”.

AD LDAP should be queried for sAMAccountName instead of uid:

ldapsearch -h foo.bar.com -D 'foo\a.sokolsky' -W -b 'DC=foo,DC=bar,DC=com' \
    '(&(sAMAccountName=a.sokolsky)(objectClass=user))'

mailNickname is also set, so it can be used in the filter the same way:

ldapsearch -h foo.bar.com -D 'foo\a.sokolsky' -W -b 'DC=foo,DC=bar,DC=com' \
    '(&(mailNickname=a.sokolsky)(objectClass=user))'
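
The two lookups above can be combined into one filter built from a variable, with the value escaped per RFC 4515 so that characters such as * ( ) \ are matched literally instead of changing the filter. This is an added example, not part of the original notes. Assumptions: the function names and the AD_URI / AD_BIND / AD_BASE variables are hypothetical, and the DC is assumed to accept LDAPS with a simple bind (-x -H ldaps://...), which differs from the -h form used above.

```shell
#!/bin/sh
# Added example (not from the original notes). Host, base DN and bind name
# default to the placeholder values used on this page.
: "${AD_URI:=ldaps://foo.bar.com}"        # assumption: LDAPS is available
: "${AD_BASE:=DC=foo,DC=bar,DC=com}"
[ -n "${AD_BIND:-}" ] || AD_BIND='foo\a.sokolsky'

# Escape a value for use inside an LDAP search filter (RFC 4515).
# The backslash is handled first so the escapes added afterwards
# are not escaped a second time.
ldap_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Build a single filter matching a user object by either AD attribute
# (sAMAccountName or mailNickname), using the escaped value.
ad_user_filter() {
    v=$(ldap_escape "$1")
    printf '(&(objectClass=user)(|(sAMAccountName=%s)(mailNickname=%s)))' \
        "$v" "$v"
}

# Run the lookup; -W prompts for the bind password, and only the two
# naming attributes are requested back.
ad_lookup() {
    ldapsearch -x -H "$AD_URI" -D "$AD_BIND" -W -b "$AD_BASE" \
        "$(ad_user_filter "$1")" sAMAccountName mailNickname
}

# Usage: ad_lookup a.sokolsky
```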