How can I get the list of ldap users without being sudo? [duplicate]

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
4
down vote

favorite
1













This question already has an answer here:



  • How can I list all user names and/or home directories?

    4 answers



I have non-sudo ssh access to a server of which I want to know the list of users, I think the server is using ldap because:



-bash-4.2$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd: files ldap
group: files ldap
shadow: files ldap

hosts: files dns
networks: files

protocols: db files
services: db files
ethers: db files
rpc: db files

netgroup: nis


but:



-bash-4.2$ cd /etc/sssd/
-bash: cd: /etc/sssd/: No such file or directory


Please note neither of /etc/passwd, ls -lsa /varor getent passwd is giving the list I want (they don't even include my own username)



So, does anyone have any idea on how I can get the list of usernames and ids of this server!?



If it helps:



-bash-4.2$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 7.11 (wheezy)
Release: 7.11
Codename: wheezy



linux ssh users ldap




share|improve this question














marked as duplicate by ilkkachu, Jeff Schaller, Stephen Kitt linux
Users with the  linux badge can single-handedly close linux questions as duplicates and reopen them as needed.

StackExchange.ready(function()
if (StackExchange.options.isMobile) return;

$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');

$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();

);
);
);
 Dec 15 '17 at 13:47


This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.










  • 1




    Does getent passwd 0..65535 work for you? See also How can I list all user names and/or home directories?
    – Stéphane Chazelas
    Dec 15 '17 at 11:08











  • @StéphaneChazelas it certainly does help a lot and gives a much better result than what I had already tried but it still doesn't include my own name but it includes some names from the users that had been created probably 18 years ago in the system:))! I didn't actually know this system is from that long ago:)) Would you be so kind to explain to me what that command does!? what does getent passwd 5 do for example? I mean know the seq thing;)
    – yukashima huksay
    Dec 15 '17 at 11:33






  • 1




    I vote to repoen, on my suse 12.1 getent passwd will list entry from /etc/passwd, not Active directory on which can be listed by wbinfo -u
    – Archemar
    Dec 18 '17 at 11:54










  • @Archemar did you try getent passwd 0..65535?
    – yukashima huksay
    Dec 18 '17 at 12:52










  • @Archemar maybe your system is using ids larger than 65535 for example my system was using 88113657 for my id
    – yukashima huksay
    Dec 18 '17 at 12:53














up vote
4
down vote

favorite
1













This question already has an answer here:



  • How can I list all user names and/or home directories?

    4 answers



I have non-sudo ssh access to a server of which I want to know the list of users, I think the server is using ldap because:



-bash-4.2$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd: files ldap
group: files ldap
shadow: files ldap

hosts: files dns
networks: files

protocols: db files
services: db files
ethers: db files
rpc: db files

netgroup: nis


but:



-bash-4.2$ cd /etc/sssd/
-bash: cd: /etc/sssd/: No such file or directory


Please note neither of /etc/passwd, ls -lsa /varor getent passwd is giving the list I want (they don't even include my own username)



So, does anyone have any idea on how I can get the list of usernames and ids of this server!?



If it helps:



-bash-4.2$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 7.11 (wheezy)
Release: 7.11
Codename: wheezy



linux ssh users ldap




share|improve this question














marked as duplicate by ilkkachu, Jeff Schaller, Stephen Kitt linux
Users with the  linux badge can single-handedly close linux questions as duplicates and reopen them as needed.

StackExchange.ready(function()
if (StackExchange.options.isMobile) return;

$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');

$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();

);
);
);
 Dec 15 '17 at 13:47


This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.










  • 1




    Does getent passwd 0..65535 work for you? See also How can I list all user names and/or home directories?
    – Stéphane Chazelas
    Dec 15 '17 at 11:08











  • @StéphaneChazelas it certainly does help a lot and gives a much better result than what I had already tried but it still doesn't include my own name but it includes some names from the users that had been created probably 18 years ago in the system:))! I didn't actually know this system is from that long ago:)) Would you be so kind to explain to me what that command does!? what does getent passwd 5 do for example? I mean know the seq thing;)
    – yukashima huksay
    Dec 15 '17 at 11:33






  • 1




    I vote to repoen, on my suse 12.1 getent passwd will list entry from /etc/passwd, not Active directory on which can be listed by wbinfo -u
    – Archemar
    Dec 18 '17 at 11:54










  • @Archemar did you try getent passwd 0..65535?
    – yukashima huksay
    Dec 18 '17 at 12:52










  • @Archemar maybe your system is using ids larger than 65535 for example my system was using 88113657 for my id
    – yukashima huksay
    Dec 18 '17 at 12:53












up vote
4
down vote

favorite
1









up vote
4
down vote

favorite
1






1






This question already has an answer here:



  • How can I list all user names and/or home directories?

    4 answers



I have non-sudo ssh access to a server of which I want to know the list of users, I think the server is using ldap because:



-bash-4.2$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd: files ldap
group: files ldap
shadow: files ldap

hosts: files dns
networks: files

protocols: db files
services: db files
ethers: db files
rpc: db files

netgroup: nis


but:



-bash-4.2$ cd /etc/sssd/
-bash: cd: /etc/sssd/: No such file or directory


Please note neither of /etc/passwd, ls -lsa /varor getent passwd is giving the list I want (they don't even include my own username)



So, does anyone have any idea on how I can get the list of usernames and ids of this server!?



If it helps:



-bash-4.2$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 7.11 (wheezy)
Release: 7.11
Codename: wheezy



linux ssh users ldap




share|improve this question















This question already has an answer here:



  • How can I list all user names and/or home directories?

    4 answers



I have non-sudo ssh access to a server of which I want to know the list of users, I think the server is using ldap because:



-bash-4.2$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

passwd: files ldap
group: files ldap
shadow: files ldap

hosts: files dns
networks: files

protocols: db files
services: db files
ethers: db files
rpc: db files

netgroup: nis


but:



-bash-4.2$ cd /etc/sssd/
-bash: cd: /etc/sssd/: No such file or directory


Please note neither of /etc/passwd, ls -lsa /varor getent passwd is giving the list I want (they don't even include my own username)



So, does anyone have any idea on how I can get the list of usernames and ids of this server!?



If it helps:



-bash-4.2$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 7.11 (wheezy)
Release: 7.11
Codename: wheezy




This question already has an answer here:



  • How can I list all user names and/or home directories?

    4 answers





linux ssh users ldap





share|improve this question













share|improve this question




share|improve this question








edited Dec 15 '17 at 10:59









terdon♦

122k28230403




122k28230403










asked Dec 15 '17 at 10:50









yukashima huksay

429217




429217




marked as duplicate by ilkkachu, Jeff Schaller, Stephen Kitt linux
Users with the  linux badge can single-handedly close linux questions as duplicates and reopen them as needed.

StackExchange.ready(function()
if (StackExchange.options.isMobile) return;

$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');

$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();

);
);
);
 Dec 15 '17 at 13:47


This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.






marked as duplicate by ilkkachu, Jeff Schaller, Stephen Kitt linux
Users with the  linux badge can single-handedly close linux questions as duplicates and reopen them as needed.

StackExchange.ready(function()
if (StackExchange.options.isMobile) return;

$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');

$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();

);
);
);
 Dec 15 '17 at 13:47


This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.









  • 1




    Does getent passwd 0..65535 work for you? See also How can I list all user names and/or home directories?
    – Stéphane Chazelas
    Dec 15 '17 at 11:08











  • @StéphaneChazelas it certainly does help a lot and gives a much better result than what I had already tried but it still doesn't include my own name but it includes some names from the users that had been created probably 18 years ago in the system:))! I didn't actually know this system is from that long ago:)) Would you be so kind to explain to me what that command does!? what does getent passwd 5 do for example? I mean know the seq thing;)
    – yukashima huksay
    Dec 15 '17 at 11:33






  • 1




    I vote to repoen, on my suse 12.1 getent passwd will list entry from /etc/passwd, not Active directory on which can be listed by wbinfo -u
    – Archemar
    Dec 18 '17 at 11:54










  • @Archemar did you try getent passwd 0..65535?
    – yukashima huksay
    Dec 18 '17 at 12:52










  • @Archemar maybe your system is using ids larger than 65535 for example my system was using 88113657 for my id
    – yukashima huksay
    Dec 18 '17 at 12:53












  • 1




    Does getent passwd 0..65535 work for you? See also How can I list all user names and/or home directories?
    – Stéphane Chazelas
    Dec 15 '17 at 11:08











  • @StéphaneChazelas it certainly does help a lot and gives a much better result than what I had already tried but it still doesn't include my own name but it includes some names from the users that had been created probably 18 years ago in the system:))! I didn't actually know this system is from that long ago:)) Would you be so kind to explain to me what that command does!? what does getent passwd 5 do for example? I mean know the seq thing;)
    – yukashima huksay
    Dec 15 '17 at 11:33






  • 1




    I vote to repoen, on my suse 12.1 getent passwd will list entry from /etc/passwd, not Active directory on which can be listed by wbinfo -u
    – Archemar
    Dec 18 '17 at 11:54










  • @Archemar did you try getent passwd 0..65535?
    – yukashima huksay
    Dec 18 '17 at 12:52










  • @Archemar maybe your system is using ids larger than 65535 for example my system was using 88113657 for my id
    – yukashima huksay
    Dec 18 '17 at 12:53







1




1




Does getent passwd 0..65535 work for you? See also How can I list all user names and/or home directories?
– Stéphane Chazelas
Dec 15 '17 at 11:08





Does getent passwd 0..65535 work for you? See also How can I list all user names and/or home directories?
– Stéphane Chazelas
Dec 15 '17 at 11:08













@StéphaneChazelas it certainly does help a lot and gives a much better result than what I had already tried but it still doesn't include my own name but it includes some names from the users that had been created probably 18 years ago in the system:))! I didn't actually know this system is from that long ago:)) Would you be so kind to explain to me what that command does!? what does getent passwd 5 do for example? I mean know the seq thing;)
– yukashima huksay
Dec 15 '17 at 11:33




@StéphaneChazelas it certainly does help a lot and gives a much better result than what I had already tried but it still doesn't include my own name but it includes some names from the users that had been created probably 18 years ago in the system:))! I didn't actually know this system is from that long ago:)) Would you be so kind to explain to me what that command does!? what does getent passwd 5 do for example? I mean know the seq thing;)
– yukashima huksay
Dec 15 '17 at 11:33




1




1




I vote to repoen, on my suse 12.1 getent passwd will list entry from /etc/passwd, not Active directory on which can be listed by wbinfo -u
– Archemar
Dec 18 '17 at 11:54




I vote to repoen, on my suse 12.1 getent passwd will list entry from /etc/passwd, not Active directory on which can be listed by wbinfo -u
– Archemar
Dec 18 '17 at 11:54












@Archemar did you try getent passwd 0..65535?
– yukashima huksay
Dec 18 '17 at 12:52




@Archemar did you try getent passwd 0..65535?
– yukashima huksay
Dec 18 '17 at 12:52












@Archemar maybe your system is using ids larger than 65535 for example my system was using 88113657 for my id
– yukashima huksay
Dec 18 '17 at 12:53




@Archemar maybe your system is using ids larger than 65535 for example my system was using 88113657 for my id
– yukashima huksay
Dec 18 '17 at 12:53










1 Answer
1






active

oldest

votes

















up vote
3
down vote



accepted










Most probably the ldap configuration doesn't allow enumeration.



If you know the range of user ids, you could try and get a user list by querying every possible user id:



getent passwd 0..65535


Here assuming a shell with support for the x..y form of brace expansion (zsh, bash, ksh93, tcsh, yash -o braceexpand).



Note that on Linux, uids are no longer limited to 16 bits, and some Microsoft AD or samba based directory servers at least often use values greater than 65535. Querying 0..2147483647 would be out of the question though.



Your network admins are probably not going to like that, as it means doing a lot of LDAP queries to the directory server.



Note that since the primary key in the passwd database is the user name, not id, there may be more than one id for each user name, an getent passwd <id> returns only one entry, so you may be missing some users.



If users are generally in at least one group beside their primary group, one way to get a list of users could be to query a list of groups with the same methods and look at their members:



getent group 0..65535 | cut -d: -f4 | tr , 'n' | sort -u


Here sss is not used. You'd have sss instead of ldap in the nsswitch.conf.



That would be libnss-ldap (or possibly libnss-ldapd, check with dpkg -l | grep ldap) handling queries for ldap. Configuration is possibly in /etc/libnss-ldap.conf or /etc/ldap.conf or /etc/ldap/ldap.conf.



If you can read those, then you'd find out the server name and details of where the users are in the directory tree, and you may be able to use ldapsearch to get the relevant information (provided you're granted access).






share|improve this answer






















  • Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
    – yukashima huksay
    Dec 15 '17 at 12:01






  • 1




    Again, getent group 0..65535 might help (and provide you with a way to find out more user names).
    – Stéphane Chazelas
    Dec 15 '17 at 12:03










  • won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
    – Archemar
    Dec 15 '17 at 13:38










  • @Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
    – Stéphane Chazelas
    Dec 15 '17 at 15:48










  • There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
    – Jens Timmerman
    Mar 21 at 14:00

















1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
3
down vote



accepted










Most probably the ldap configuration doesn't allow enumeration.



If you know the range of user ids, you could try and get a user list by querying every possible user id:



getent passwd 0..65535


Here assuming a shell with support for the x..y form of brace expansion (zsh, bash, ksh93, tcsh, yash -o braceexpand).



Note that on Linux, uids are no longer limited to 16 bits, and some Microsoft AD or samba based directory servers at least often use values greater than 65535. Querying 0..2147483647 would be out of the question though.



Your network admins are probably not going to like that, as it means doing a lot of LDAP queries to the directory server.



Note that since the primary key in the passwd database is the user name, not id, there may be more than one id for each user name, an getent passwd <id> returns only one entry, so you may be missing some users.



If users are generally in at least one group beside their primary group, one way to get a list of users could be to query a list of groups with the same methods and look at their members:



getent group 0..65535 | cut -d: -f4 | tr , 'n' | sort -u


Here sss is not used. You'd have sss instead of ldap in the nsswitch.conf.



That would be libnss-ldap (or possibly libnss-ldapd, check with dpkg -l | grep ldap) handling queries for ldap. Configuration is possibly in /etc/libnss-ldap.conf or /etc/ldap.conf or /etc/ldap/ldap.conf.



If you can read those, then you'd find out the server name and details of where the users are in the directory tree, and you may be able to use ldapsearch to get the relevant information (provided you're granted access).






share|improve this answer






















  • Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
    – yukashima huksay
    Dec 15 '17 at 12:01






  • 1




    Again, getent group 0..65535 might help (and provide you with a way to find out more user names).
    – Stéphane Chazelas
    Dec 15 '17 at 12:03










  • won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
    – Archemar
    Dec 15 '17 at 13:38










  • @Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
    – Stéphane Chazelas
    Dec 15 '17 at 15:48










  • There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
    – Jens Timmerman
    Mar 21 at 14:00














up vote
3
down vote



accepted










Most probably the ldap configuration doesn't allow enumeration.



If you know the range of user ids, you could try and get a user list by querying every possible user id:



getent passwd 0..65535


Here assuming a shell with support for the x..y form of brace expansion (zsh, bash, ksh93, tcsh, yash -o braceexpand).



Note that on Linux, uids are no longer limited to 16 bits, and some Microsoft AD or samba based directory servers at least often use values greater than 65535. Querying 0..2147483647 would be out of the question though.



Your network admins are probably not going to like that, as it means doing a lot of LDAP queries to the directory server.



Note that since the primary key in the passwd database is the user name, not id, there may be more than one id for each user name, an getent passwd <id> returns only one entry, so you may be missing some users.



If users are generally in at least one group beside their primary group, one way to get a list of users could be to query a list of groups with the same methods and look at their members:



getent group 0..65535 | cut -d: -f4 | tr , 'n' | sort -u


Here sss is not used. You'd have sss instead of ldap in the nsswitch.conf.



That would be libnss-ldap (or possibly libnss-ldapd, check with dpkg -l | grep ldap) handling queries for ldap. Configuration is possibly in /etc/libnss-ldap.conf or /etc/ldap.conf or /etc/ldap/ldap.conf.



If you can read those, then you'd find out the server name and details of where the users are in the directory tree, and you may be able to use ldapsearch to get the relevant information (provided you're granted access).






share|improve this answer






















  • Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
    – yukashima huksay
    Dec 15 '17 at 12:01






  • 1




    Again, getent group 0..65535 might help (and provide you with a way to find out more user names).
    – Stéphane Chazelas
    Dec 15 '17 at 12:03










  • won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
    – Archemar
    Dec 15 '17 at 13:38










  • @Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
    – Stéphane Chazelas
    Dec 15 '17 at 15:48










  • There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
    – Jens Timmerman
    Mar 21 at 14:00












up vote
3
down vote



accepted







up vote
3
down vote



accepted






Most probably the ldap configuration doesn't allow enumeration.



If you know the range of user ids, you could try and get a user list by querying every possible user id:



getent passwd 0..65535


Here assuming a shell with support for the x..y form of brace expansion (zsh, bash, ksh93, tcsh, yash -o braceexpand).



Note that on Linux, uids are no longer limited to 16 bits, and some Microsoft AD or samba based directory servers at least often use values greater than 65535. Querying 0..2147483647 would be out of the question though.



Your network admins are probably not going to like that, as it means doing a lot of LDAP queries to the directory server.



Note that since the primary key in the passwd database is the user name, not id, there may be more than one id for each user name, an getent passwd <id> returns only one entry, so you may be missing some users.



If users are generally in at least one group beside their primary group, one way to get a list of users could be to query a list of groups with the same methods and look at their members:



getent group 0..65535 | cut -d: -f4 | tr , 'n' | sort -u


Here sss is not used. You'd have sss instead of ldap in the nsswitch.conf.



That would be libnss-ldap (or possibly libnss-ldapd, check with dpkg -l | grep ldap) handling queries for ldap. Configuration is possibly in /etc/libnss-ldap.conf or /etc/ldap.conf or /etc/ldap/ldap.conf.



If you can read those, then you'd find out the server name and details of where the users are in the directory tree, and you may be able to use ldapsearch to get the relevant information (provided you're granted access).






share|improve this answer














Most probably the ldap configuration doesn't allow enumeration.



If you know the range of user ids, you could try and get a user list by querying every possible user id:



getent passwd 0..65535


Here assuming a shell with support for the x..y form of brace expansion (zsh, bash, ksh93, tcsh, yash -o braceexpand).



Note that on Linux, uids are no longer limited to 16 bits, and some Microsoft AD or samba based directory servers at least often use values greater than 65535. Querying 0..2147483647 would be out of the question though.



Your network admins are probably not going to like that, as it means doing a lot of LDAP queries to the directory server.



Note that since the primary key in the passwd database is the user name, not id, there may be more than one id for each user name, an getent passwd <id> returns only one entry, so you may be missing some users.



If users are generally in at least one group beside their primary group, one way to get a list of users could be to query a list of groups with the same methods and look at their members:



getent group 0..65535 | cut -d: -f4 | tr , 'n' | sort -u


Here sss is not used. You'd have sss instead of ldap in the nsswitch.conf.



That would be libnss-ldap (or possibly libnss-ldapd, check with dpkg -l | grep ldap) handling queries for ldap. Configuration is possibly in /etc/libnss-ldap.conf or /etc/ldap.conf or /etc/ldap/ldap.conf.



If you can read those, then you'd find out the server name and details of where the users are in the directory tree, and you may be able to use ldapsearch to get the relevant information (provided you're granted access).







share|improve this answer














share|improve this answer



share|improve this answer








edited Dec 15 '17 at 15:44

























answered Dec 15 '17 at 11:46









Stéphane Chazelas

282k53520854




282k53520854











  • Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
    – yukashima huksay
    Dec 15 '17 at 12:01






  • 1




    Again, getent group 0..65535 might help (and provide you with a way to find out more user names).
    – Stéphane Chazelas
    Dec 15 '17 at 12:03










  • won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
    – Archemar
    Dec 15 '17 at 13:38










  • @Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
    – Stéphane Chazelas
    Dec 15 '17 at 15:48










  • There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
    – Jens Timmerman
    Mar 21 at 14:00
















  • Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
    – yukashima huksay
    Dec 15 '17 at 12:01






  • 1




    Again, getent group 0..65535 might help (and provide you with a way to find out more user names).
    – Stéphane Chazelas
    Dec 15 '17 at 12:03










  • won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
    – Archemar
    Dec 15 '17 at 13:38










  • @Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
    – Stéphane Chazelas
    Dec 15 '17 at 15:48










  • There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
    – Jens Timmerman
    Mar 21 at 14:00















Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
– yukashima huksay
Dec 15 '17 at 12:01




Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
– yukashima huksay
Dec 15 '17 at 12:01




1




1




Again, getent group 0..65535 might help (and provide you with a way to find out more user names).
– Stéphane Chazelas
Dec 15 '17 at 12:03




Again, getent group 0..65535 might help (and provide you with a way to find out more user names).
– Stéphane Chazelas
Dec 15 '17 at 12:03












won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
– Archemar
Dec 15 '17 at 13:38




won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
– Archemar
Dec 15 '17 at 13:38












@Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
– Stéphane Chazelas
Dec 15 '17 at 15:48




@Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
– Stéphane Chazelas
Dec 15 '17 at 15:48












There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
– Jens Timmerman
Mar 21 at 14:00




There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
– Jens Timmerman
Mar 21 at 14:00


-

Popular posts from this blog

How to check contact read email or not when send email to Individual?

Image
Clash Royale CLAN TAG #URR8PPP up vote 1 down vote favorite I'm using WordPress 4.9.8, CiviCRM to 5.5.1, I usually send email to contact by Search> Find contacts View contact details Action> Send email Send email ok, Contact received mail ok like picture But status only Email sent though contact read email or not. So, can CiviCRM can change status to Email read when contact read email? wordpress email share | improve this question asked Sep 26 at 0:12 ToanLuong 49 9 add a comment  |  up vote 1 down vote favorite I'm using WordPress 4.9.8, CiviCRM to 5.5.1, I usually send email to contact by Search> Find contacts View contact details Action> Send email Send email ok, Contact received mail ok like picture But status only Email sent though contact read email or not. So, can CiviCRM can change status to Email read when contact read email? wordpress email share | improve this question asked Se
Read more

Bahrain

Image
For other uses, see Bahrain (disambiguation). Sovereign island state in the Persian Gulf Kingdom of Bahrain مملكة البحرين   (Arabic) Mamlakat al-Baḥrayn Flag Coat of arms Anthem:  نشيد البحرين الوطني Bahrainona Our Bahrain Location of   Bahrain    (circled in red) Capital and largest city Manama 26°13′N 50°35′E  /  26.217°N 50.583°E  / 26.217; 50.583 Official languages Arabic Ethnic groups (2010 [1] ) 50.7% Arab (46% Bahrani, 4.7% other Arabs) 45.5% Asian 1% European 1.2% Others Religion Islam Demonym(s) Bahraini Government Unitary constitutional monarchy • King Hamad bin Isa Al Khalifa • Crown Prince Salman bin Hamad bin Isa Al Khalifa • Prime Minister Khalifa bin Salman Al Khalifa Legislature National Assembly • Upper house Consultative Council • Lower house Council of Representatives Independence • Declared Independence [2] 14 August 1971 • from United Kingdom [1] 15 August 1971 • Admitted to the United Nations 21 September 1971 • Kingdom of Bahrain 14 February 2002
Read more

Postfix configuration issue with fips on centos 7; mailgun relay

Image
Clash Royale CLAN TAG #URR8PPP up vote 0 down vote favorite I am trying to setup postfix to relay all mail generated on the local machine via SMTP to a mailgun relay. I have used the mailgun relay before with success on an ubuntu server, but I am migrating to a Centos 7 server which I will be running in FIPS mode. There error log is below, slightly sanitized. I have a small enough network that I choose to have each machine reach out to mailgun individually (this the loopback-only, 127.0.0.0/8 restrictions) and no firewall open port allowing smtp in to the machine. I assume the FIPS mode (and with it disabling of MD5) is causing problems, but I don't know how to overcome it or if it is even possible for tls_fprint to use some supported hash such as sha256 or sha512. However, the relay=none is slightly concerning since I have relayhost set, but perhaps that is because the smtp process is failing? Any help would be appreciated! postconf -n: alias_database = hash:/etc/alia
Read more