On 08/04/2016 11:31 AM, Sean Hogan wrote:
Hi All,
Where can I find information about the IPA schema as in what = what in
the dir srv? I do not have a ldap viewer.
I am looking to pull specific info from it such as a list of servers
that have enrolled = true and have been playing with ldapsearch to no
avail.
You could try something like 'ipa <objecttype>-show --all <object>' to
see the dn of the associated LDAP object for a particular IPA entity.
This would give you a sense of what tree to ldapsearch. You could try
adding the --raw flag as well to see the LDAP attributes of the object.
# ipa user-show --all admin
dn: uid=admin,cn=users,cn=accounts,dc=example,dc=domain
[...]
# ldapsearch -xLLL -D cn='Directory manager' -w <directory manager pw>
-b 'cn=users,cn=accounts,dc=example,dc=domain' '(objectClass=*)' '*' |
perl -p0e 's/\n //g' | less
You can also take a look at
https://git.fedorahosted.org/cgit/freeipa.git/tree/ipalib/constants.py#n78
for a list of LDAP entities that act as containers for IPA objects
(subtrees to search under).
Someone else may have some better ideas, but maybe this can get you started.
Ben
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
