I want to check in a bash script that a specific organizationalUnit with the given DN exists.
I'm doing an ldapsearch:
OU="ou=HQ,dc=myroot,dc=local"
ldapsearch -h localhost -b dc=myroot,dc=local -x -v "(&(objectClass=organizationalUnit)(dn="'"'$OU'"'"))"
and it always results in 0 even if the DN exists.
I have also tried:
ldapsearch -h localhost -b dc=myroot,dc=local -x -v "(&(objectClass=organizationalUnit)(dn=$OU))"
But the results are the same.
How can I do it? Is there a trick to the dn attribute?
Disregard that I'm using simple authentication.
You cannot put the DN inside the search filter because the DN is not an attribute name. Put your DN as the search base (ldapsearch -b) and the objectClass into the search filter. Something like this:
OU='ou=HQ,dc=myroot,dc=local'
ldapsearch -h localhost -b "$OU" -x -v -D'cn=admin,dc=myroot,dc=local' -wyour_ldap_password '(&(objectClass=organizationalUnit))'
And you'll be fine.
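The approach from the answer wrapped as a reusable check, as an added example that is not part of the original posts: it limits the search to the base entry itself and separates "not found" from "search failed". The function name `ou_exists`, the `LDAP_URI` variable with its `ldap://localhost` default, and the anonymous simple bind are assumptions.

```shell
#!/usr/bin/env bash
# Added example: check that a DN exists and is an organizationalUnit.
# LDAP_URI and the anonymous bind are assumptions; adjust for your directory.

LDAP_URI="${LDAP_URI:-ldap://localhost}"

# ou_exists DN
# Returns 0 if DN exists and is an organizationalUnit,
#         1 if it does not exist or is some other kind of entry,
#         2 on any other error (server unreachable, bind failure, ...).
ou_exists() {
    local dn out rc
    dn=$1
    rc=0
    # -s base : examine only the entry named by -b, not its subtree
    # -LLL    : plain LDIF without comments or version line
    # 1.1     : request no attributes, so only the DN comes back
    out=$(ldapsearch -x -H "$LDAP_URI" -s base -b "$dn" -LLL \
            '(objectClass=organizationalUnit)' 1.1 2>/dev/null) || rc=$?
    case "$rc" in
        0)  # The search ran; the entry matched only if LDIF contains a dn line.
            # An existing entry of another objectClass also exits 0, with no output.
            if printf '%s\n' "$out" | grep -q '^dn:'; then
                return 0
            fi
            return 1 ;;
        32) return 1 ;;   # LDAP result 32, noSuchObject: the base DN is absent
        *)  return 2 ;;   # do not report "missing" when the lookup itself failed
    esac
}
```

Because the DN is passed as the search base and never interpolated into the filter string, no filter escaping of the DN is needed.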