Discussion:
[Samba] [samba as AD] Hidden attributes
mathias dufresne
2016-07-04 15:16:01 UTC
Permalink
Hi all,

Is there a way to extract the whole attributes of objects, even hidden
attributes, using ldbsearch or any samba tool?

Hidden attributes have to be hidden from ldapsearch which can be used
through network and so, remotely. ldbsearch can be used only locally by
root, which [should] limit who is using it, so perhaps I thought it was
possible : )
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
mathias dufresne
2016-07-05 08:33:11 UTC
Permalink
Any way to extract thelm without knowing all attributes of one given object?
Post by mathias dufresne
Hi all,
Is there a way to extract the whole attributes of objects, even hidden
attributes, using ldbsearch or any samba tool?
Don't think you can get the hidden attributes over the wire, but you can
get them on the DC by explicitly asking for them.
Post by mathias dufresne
Hidden attributes have to be hidden from ldapsearch which can be used
through network and so, remotely. ldbsearch can be used only locally by
root, which [should] limit who is using it, so perhaps I thought it was
possible : )
Oh dear, who told you that only root could use ldbsearch and that it only
works on a DC ?
'cn=Users,dc=samdom,dc=example,dc=com' -s sub
'(&(objectclass=user)(samaccountname=rowland))' -U rowland
# record 1
dn: CN=Rowland Penny,CN=Users,DC=samdom,DC=example,DC=com
cn: Rowland Penny
sn: Penny
givenName: Rowland
instanceType: 4
whenCreated: 20151109093821.0Z
displayName: Rowland Penny
uSNCreated: 3871
name: Rowland Penny
objectGUID: 28103293-9fc9-4681-b19c-ae1150fe2b72
badPwdCount: 0
codePage: 0
countryCode: 0
badPasswordTime: 0
lastLogoff: 0
primaryGroupID: 513
objectSid: S-1-5-21-1768301897-3342589593-1064908849-1107
logonCount: 0
sAMAccountName: rowland
sAMAccountType: 805306368
CN=Person,CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=c
om
pwdLastSet: 130915355010000000
uid: rowland
msSFU30Name: rowland
msSFU30NisDomain: samdom
uidNumber: 10000
unixHomeDirectory: /home/rowland
loginShell: /bin/bash
userAccountControl: 66048
accountExpires: 0
gidNumber: 10000
objectClass: top
objectClass: securityPrincipal
objectClass: person
objectClass: organizationalPerson
objectClass: user
gecos: Rowland Penny
memberOf: CN=DnsAdmins,CN=Users,DC=samdom,DC=example,DC=com
homeDirectory: \\DC1\rowland
lastLogonTimestamp: 131120934392797250
whenChanged: 20160704081039.0Z
uSNChanged: 245201
lastLogon: 131121071311154780
distinguishedName: CN=Rowland Penny,CN=Users,DC=samdom,DC=example,DC=com
Rowland
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
Loading...