How can I get the list of ldap users without being sudo? [duplicate]
Clash Royale CLAN TAG#URR8PPP
up vote
4
down vote
favorite
This question already has an answer here:
How can I list all user names and/or home directories?
4 answers
I have non-sudo ssh access to a server of which I want to know the list of users, I think the server is using ldap because:
-bash-4.2$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files ldap
group: files ldap
shadow: files ldap
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
but:
-bash-4.2$ cd /etc/sssd/
-bash: cd: /etc/sssd/: No such file or directory
Please note neither of /etc/passwd
, ls -lsa /var
or getent passwd
is giving the list I want (they don't even include my own username)
So, does anyone have any idea on how I can get the list of usernames and ids of this server!?
If it helps:
-bash-4.2$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 7.11 (wheezy)
Release: 7.11
Codename: wheezy
linux ssh users ldap
marked as duplicate by ilkkachu, Jeff Schaller, Stephen Kitt
StackExchange.ready(function()
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();
);
);
);
Dec 15 '17 at 13:47
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
add a comment |Â
up vote
4
down vote
favorite
This question already has an answer here:
How can I list all user names and/or home directories?
4 answers
I have non-sudo ssh access to a server of which I want to know the list of users, I think the server is using ldap because:
-bash-4.2$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files ldap
group: files ldap
shadow: files ldap
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
but:
-bash-4.2$ cd /etc/sssd/
-bash: cd: /etc/sssd/: No such file or directory
Please note neither of /etc/passwd
, ls -lsa /var
or getent passwd
is giving the list I want (they don't even include my own username)
So, does anyone have any idea on how I can get the list of usernames and ids of this server!?
If it helps:
-bash-4.2$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 7.11 (wheezy)
Release: 7.11
Codename: wheezy
linux ssh users ldap
marked as duplicate by ilkkachu, Jeff Schaller, Stephen Kitt
StackExchange.ready(function()
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();
);
);
);
Dec 15 '17 at 13:47
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
1
Doesgetent passwd 0..65535
work for you? See also How can I list all user names and/or home directories?
â Stéphane Chazelas
Dec 15 '17 at 11:08
@StéphaneChazelas it certainly does help a lot and gives a much better result than what I had already tried but it still doesn't include my own name but it includes some names from the users that had been created probably 18 years ago in the system:))! I didn't actually know this system is from that long ago:)) Would you be so kind to explain to me what that command does!? what does getent passwd 5 do for example? I mean know the seq thing;)
â yukashima huksay
Dec 15 '17 at 11:33
1
I vote to repoen, on my suse 12.1 getent passwd will list entry from /etc/passwd, not Active directory on which can be listed bywbinfo -u
â Archemar
Dec 18 '17 at 11:54
@Archemar did you try getent passwd 0..65535?
â yukashima huksay
Dec 18 '17 at 12:52
@Archemar maybe your system is using ids larger than 65535 for example my system was using 88113657 for my id
â yukashima huksay
Dec 18 '17 at 12:53
add a comment |Â
up vote
4
down vote
favorite
up vote
4
down vote
favorite
This question already has an answer here:
How can I list all user names and/or home directories?
4 answers
I have non-sudo ssh access to a server of which I want to know the list of users, I think the server is using ldap because:
-bash-4.2$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files ldap
group: files ldap
shadow: files ldap
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
but:
-bash-4.2$ cd /etc/sssd/
-bash: cd: /etc/sssd/: No such file or directory
Please note neither of /etc/passwd
, ls -lsa /var
or getent passwd
is giving the list I want (they don't even include my own username)
So, does anyone have any idea on how I can get the list of usernames and ids of this server!?
If it helps:
-bash-4.2$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 7.11 (wheezy)
Release: 7.11
Codename: wheezy
linux ssh users ldap
This question already has an answer here:
How can I list all user names and/or home directories?
4 answers
I have non-sudo ssh access to a server of which I want to know the list of users, I think the server is using ldap because:
-bash-4.2$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: files ldap
group: files ldap
shadow: files ldap
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
but:
-bash-4.2$ cd /etc/sssd/
-bash: cd: /etc/sssd/: No such file or directory
Please note neither of /etc/passwd
, ls -lsa /var
or getent passwd
is giving the list I want (they don't even include my own username)
So, does anyone have any idea on how I can get the list of usernames and ids of this server!?
If it helps:
-bash-4.2$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 7.11 (wheezy)
Release: 7.11
Codename: wheezy
This question already has an answer here:
How can I list all user names and/or home directories?
4 answers
linux ssh users ldap
edited Dec 15 '17 at 10:59
terdonâ¦
122k28230403
122k28230403
asked Dec 15 '17 at 10:50
yukashima huksay
429217
429217
marked as duplicate by ilkkachu, Jeff Schaller, Stephen Kitt
StackExchange.ready(function()
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();
);
);
);
Dec 15 '17 at 13:47
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
marked as duplicate by ilkkachu, Jeff Schaller, Stephen Kitt
StackExchange.ready(function()
if (StackExchange.options.isMobile) return;
$('.dupe-hammer-message-hover:not(.hover-bound)').each(function()
var $hover = $(this).addClass('hover-bound'),
$msg = $hover.siblings('.dupe-hammer-message');
$hover.hover(
function()
$hover.showInfoMessage('',
messageElement: $msg.clone().show(),
transient: false,
position: my: 'bottom left', at: 'top center', offsetTop: -7 ,
dismissable: false,
relativeToBody: true
);
,
function()
StackExchange.helpers.removeMessages();
);
);
);
Dec 15 '17 at 13:47
This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.
1
Doesgetent passwd 0..65535
work for you? See also How can I list all user names and/or home directories?
â Stéphane Chazelas
Dec 15 '17 at 11:08
@StéphaneChazelas it certainly does help a lot and gives a much better result than what I had already tried but it still doesn't include my own name but it includes some names from the users that had been created probably 18 years ago in the system:))! I didn't actually know this system is from that long ago:)) Would you be so kind to explain to me what that command does!? what does getent passwd 5 do for example? I mean know the seq thing;)
â yukashima huksay
Dec 15 '17 at 11:33
1
I vote to repoen, on my suse 12.1 getent passwd will list entry from /etc/passwd, not Active directory on which can be listed bywbinfo -u
â Archemar
Dec 18 '17 at 11:54
@Archemar did you try getent passwd 0..65535?
â yukashima huksay
Dec 18 '17 at 12:52
@Archemar maybe your system is using ids larger than 65535 for example my system was using 88113657 for my id
â yukashima huksay
Dec 18 '17 at 12:53
add a comment |Â
1
Doesgetent passwd 0..65535
work for you? See also How can I list all user names and/or home directories?
â Stéphane Chazelas
Dec 15 '17 at 11:08
@StéphaneChazelas it certainly does help a lot and gives a much better result than what I had already tried but it still doesn't include my own name but it includes some names from the users that had been created probably 18 years ago in the system:))! I didn't actually know this system is from that long ago:)) Would you be so kind to explain to me what that command does!? what does getent passwd 5 do for example? I mean know the seq thing;)
â yukashima huksay
Dec 15 '17 at 11:33
1
I vote to repoen, on my suse 12.1 getent passwd will list entry from /etc/passwd, not Active directory on which can be listed bywbinfo -u
â Archemar
Dec 18 '17 at 11:54
@Archemar did you try getent passwd 0..65535?
â yukashima huksay
Dec 18 '17 at 12:52
@Archemar maybe your system is using ids larger than 65535 for example my system was using 88113657 for my id
â yukashima huksay
Dec 18 '17 at 12:53
1
1
Does
getent passwd 0..65535
work for you? See also How can I list all user names and/or home directories?â Stéphane Chazelas
Dec 15 '17 at 11:08
Does
getent passwd 0..65535
work for you? See also How can I list all user names and/or home directories?â Stéphane Chazelas
Dec 15 '17 at 11:08
@StéphaneChazelas it certainly does help a lot and gives a much better result than what I had already tried but it still doesn't include my own name but it includes some names from the users that had been created probably 18 years ago in the system:))! I didn't actually know this system is from that long ago:)) Would you be so kind to explain to me what that command does!? what does getent passwd 5 do for example? I mean know the seq thing;)
â yukashima huksay
Dec 15 '17 at 11:33
@StéphaneChazelas it certainly does help a lot and gives a much better result than what I had already tried but it still doesn't include my own name but it includes some names from the users that had been created probably 18 years ago in the system:))! I didn't actually know this system is from that long ago:)) Would you be so kind to explain to me what that command does!? what does getent passwd 5 do for example? I mean know the seq thing;)
â yukashima huksay
Dec 15 '17 at 11:33
1
1
I vote to repoen, on my suse 12.1 getent passwd will list entry from /etc/passwd, not Active directory on which can be listed by
wbinfo -u
â Archemar
Dec 18 '17 at 11:54
I vote to repoen, on my suse 12.1 getent passwd will list entry from /etc/passwd, not Active directory on which can be listed by
wbinfo -u
â Archemar
Dec 18 '17 at 11:54
@Archemar did you try getent passwd 0..65535?
â yukashima huksay
Dec 18 '17 at 12:52
@Archemar did you try getent passwd 0..65535?
â yukashima huksay
Dec 18 '17 at 12:52
@Archemar maybe your system is using ids larger than 65535 for example my system was using 88113657 for my id
â yukashima huksay
Dec 18 '17 at 12:53
@Archemar maybe your system is using ids larger than 65535 for example my system was using 88113657 for my id
â yukashima huksay
Dec 18 '17 at 12:53
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
3
down vote
accepted
Most probably the ldap configuration doesn't allow enumeration.
If you know the range of user ids, you could try and get a user list by querying every possible user id:
getent passwd 0..65535
Here assuming a shell with support for the x..y
form of brace expansion (zsh, bash, ksh93, tcsh, yash -o braceexpand).
Note that on Linux, uids are no longer limited to 16 bits, and some Microsoft AD or samba based directory servers at least often use values greater than 65535. Querying 0..2147483647
would be out of the question though.
Your network admins are probably not going to like that, as it means doing a lot of LDAP queries to the directory server.
Note that since the primary key in the passwd
database is the user name, not id, there may be more than one id for each user name, an getent passwd <id>
returns only one entry, so you may be missing some users.
If users are generally in at least one group beside their primary group, one way to get a list of users could be to query a list of groups with the same methods and look at their members:
getent group 0..65535 | cut -d: -f4 | tr , 'n' | sort -u
Here sss
is not used. You'd have sss
instead of ldap
in the nsswitch.conf
.
That would be libnss-ldap
(or possibly libnss-ldapd, check with dpkg -l | grep ldap
) handling queries for ldap
. Configuration is possibly in /etc/libnss-ldap.conf
or /etc/ldap.conf
or /etc/ldap/ldap.conf
.
If you can read those, then you'd find out the server name and details of where the users are in the directory tree, and you may be able to use ldapsearch
to get the relevant information (provided you're granted access).
Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
â yukashima huksay
Dec 15 '17 at 12:01
1
Again,getent group 0..65535
might help (and provide you with a way to find out more user names).
â Stéphane Chazelas
Dec 15 '17 at 12:03
won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
â Archemar
Dec 15 '17 at 13:38
@Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
â Stéphane Chazelas
Dec 15 '17 at 15:48
There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
â Jens Timmerman
Mar 21 at 14:00
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
3
down vote
accepted
Most probably the ldap configuration doesn't allow enumeration.
If you know the range of user ids, you could try and get a user list by querying every possible user id:
getent passwd 0..65535
Here assuming a shell with support for the x..y
form of brace expansion (zsh, bash, ksh93, tcsh, yash -o braceexpand).
Note that on Linux, uids are no longer limited to 16 bits, and some Microsoft AD or samba based directory servers at least often use values greater than 65535. Querying 0..2147483647
would be out of the question though.
Your network admins are probably not going to like that, as it means doing a lot of LDAP queries to the directory server.
Note that since the primary key in the passwd
database is the user name, not id, there may be more than one id for each user name, an getent passwd <id>
returns only one entry, so you may be missing some users.
If users are generally in at least one group beside their primary group, one way to get a list of users could be to query a list of groups with the same methods and look at their members:
getent group 0..65535 | cut -d: -f4 | tr , 'n' | sort -u
Here sss
is not used. You'd have sss
instead of ldap
in the nsswitch.conf
.
That would be libnss-ldap
(or possibly libnss-ldapd, check with dpkg -l | grep ldap
) handling queries for ldap
. Configuration is possibly in /etc/libnss-ldap.conf
or /etc/ldap.conf
or /etc/ldap/ldap.conf
.
If you can read those, then you'd find out the server name and details of where the users are in the directory tree, and you may be able to use ldapsearch
to get the relevant information (provided you're granted access).
Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
â yukashima huksay
Dec 15 '17 at 12:01
1
Again,getent group 0..65535
might help (and provide you with a way to find out more user names).
â Stéphane Chazelas
Dec 15 '17 at 12:03
won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
â Archemar
Dec 15 '17 at 13:38
@Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
â Stéphane Chazelas
Dec 15 '17 at 15:48
There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
â Jens Timmerman
Mar 21 at 14:00
add a comment |Â
up vote
3
down vote
accepted
Most probably the ldap configuration doesn't allow enumeration.
If you know the range of user ids, you could try and get a user list by querying every possible user id:
getent passwd 0..65535
Here assuming a shell with support for the x..y
form of brace expansion (zsh, bash, ksh93, tcsh, yash -o braceexpand).
Note that on Linux, uids are no longer limited to 16 bits, and some Microsoft AD or samba based directory servers at least often use values greater than 65535. Querying 0..2147483647
would be out of the question though.
Your network admins are probably not going to like that, as it means doing a lot of LDAP queries to the directory server.
Note that since the primary key in the passwd
database is the user name, not id, there may be more than one id for each user name, an getent passwd <id>
returns only one entry, so you may be missing some users.
If users are generally in at least one group beside their primary group, one way to get a list of users could be to query a list of groups with the same methods and look at their members:
getent group 0..65535 | cut -d: -f4 | tr , 'n' | sort -u
Here sss
is not used. You'd have sss
instead of ldap
in the nsswitch.conf
.
That would be libnss-ldap
(or possibly libnss-ldapd, check with dpkg -l | grep ldap
) handling queries for ldap
. Configuration is possibly in /etc/libnss-ldap.conf
or /etc/ldap.conf
or /etc/ldap/ldap.conf
.
If you can read those, then you'd find out the server name and details of where the users are in the directory tree, and you may be able to use ldapsearch
to get the relevant information (provided you're granted access).
Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
â yukashima huksay
Dec 15 '17 at 12:01
1
Again,getent group 0..65535
might help (and provide you with a way to find out more user names).
â Stéphane Chazelas
Dec 15 '17 at 12:03
won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
â Archemar
Dec 15 '17 at 13:38
@Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
â Stéphane Chazelas
Dec 15 '17 at 15:48
There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
â Jens Timmerman
Mar 21 at 14:00
add a comment |Â
up vote
3
down vote
accepted
up vote
3
down vote
accepted
Most probably the ldap configuration doesn't allow enumeration.
If you know the range of user ids, you could try and get a user list by querying every possible user id:
getent passwd 0..65535
Here assuming a shell with support for the x..y
form of brace expansion (zsh, bash, ksh93, tcsh, yash -o braceexpand).
Note that on Linux, uids are no longer limited to 16 bits, and some Microsoft AD or samba based directory servers at least often use values greater than 65535. Querying 0..2147483647
would be out of the question though.
Your network admins are probably not going to like that, as it means doing a lot of LDAP queries to the directory server.
Note that since the primary key in the passwd
database is the user name, not id, there may be more than one id for each user name, an getent passwd <id>
returns only one entry, so you may be missing some users.
If users are generally in at least one group beside their primary group, one way to get a list of users could be to query a list of groups with the same methods and look at their members:
getent group 0..65535 | cut -d: -f4 | tr , 'n' | sort -u
Here sss
is not used. You'd have sss
instead of ldap
in the nsswitch.conf
.
That would be libnss-ldap
(or possibly libnss-ldapd, check with dpkg -l | grep ldap
) handling queries for ldap
. Configuration is possibly in /etc/libnss-ldap.conf
or /etc/ldap.conf
or /etc/ldap/ldap.conf
.
If you can read those, then you'd find out the server name and details of where the users are in the directory tree, and you may be able to use ldapsearch
to get the relevant information (provided you're granted access).
Most probably the ldap configuration doesn't allow enumeration.
If you know the range of user ids, you could try and get a user list by querying every possible user id:
getent passwd 0..65535
Here assuming a shell with support for the x..y
form of brace expansion (zsh, bash, ksh93, tcsh, yash -o braceexpand).
Note that on Linux, uids are no longer limited to 16 bits, and some Microsoft AD or samba based directory servers at least often use values greater than 65535. Querying 0..2147483647
would be out of the question though.
Your network admins are probably not going to like that, as it means doing a lot of LDAP queries to the directory server.
Note that since the primary key in the passwd
database is the user name, not id, there may be more than one id for each user name, an getent passwd <id>
returns only one entry, so you may be missing some users.
If users are generally in at least one group beside their primary group, one way to get a list of users could be to query a list of groups with the same methods and look at their members:
getent group 0..65535 | cut -d: -f4 | tr , 'n' | sort -u
Here sss
is not used. You'd have sss
instead of ldap
in the nsswitch.conf
.
That would be libnss-ldap
(or possibly libnss-ldapd, check with dpkg -l | grep ldap
) handling queries for ldap
. Configuration is possibly in /etc/libnss-ldap.conf
or /etc/ldap.conf
or /etc/ldap/ldap.conf
.
If you can read those, then you'd find out the server name and details of where the users are in the directory tree, and you may be able to use ldapsearch
to get the relevant information (provided you're granted access).
edited Dec 15 '17 at 15:44
answered Dec 15 '17 at 11:46
Stéphane Chazelas
282k53520854
282k53520854
Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
â yukashima huksay
Dec 15 '17 at 12:01
1
Again,getent group 0..65535
might help (and provide you with a way to find out more user names).
â Stéphane Chazelas
Dec 15 '17 at 12:03
won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
â Archemar
Dec 15 '17 at 13:38
@Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
â Stéphane Chazelas
Dec 15 '17 at 15:48
There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
â Jens Timmerman
Mar 21 at 14:00
add a comment |Â
Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
â yukashima huksay
Dec 15 '17 at 12:01
1
Again,getent group 0..65535
might help (and provide you with a way to find out more user names).
â Stéphane Chazelas
Dec 15 '17 at 12:03
won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
â Archemar
Dec 15 '17 at 13:38
@Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
â Stéphane Chazelas
Dec 15 '17 at 15:48
There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
â Jens Timmerman
Mar 21 at 14:00
Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
â yukashima huksay
Dec 15 '17 at 12:01
Is it possible to get the userids within a gid?! because I have most of the gids. Also I'd like to know if it is possible to get all the gids.
â yukashima huksay
Dec 15 '17 at 12:01
1
1
Again,
getent group 0..65535
might help (and provide you with a way to find out more user names).â Stéphane Chazelas
Dec 15 '17 at 12:03
Again,
getent group 0..65535
might help (and provide you with a way to find out more user names).â Stéphane Chazelas
Dec 15 '17 at 12:03
won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
â Archemar
Dec 15 '17 at 13:38
won't ldap/active directory users and group comme with id far above 65535 ? (I know active directory is not mentionned here, but I never seen ldap not being active directory, if OP is ldap only this should be fine)
â Archemar
Dec 15 '17 at 13:38
@Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
â Stéphane Chazelas
Dec 15 '17 at 15:48
@Archemar, I've never come across MSAD, but I can confirm a samba equivalent of MSAD having uids above 65535, so I've changed the text.
â Stéphane Chazelas
Dec 15 '17 at 15:48
There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
â Jens Timmerman
Mar 21 at 14:00
There is probably a reason why the ldap doesn't support enumeration, it could be bad for performance if 1000+ machines enumerate 5000+ users all the time. This probably means it is also very bad to enumereate them like this in a script.
â Jens Timmerman
Mar 21 at 14:00
add a comment |Â
1
Does
getent passwd 0..65535
work for you? See also How can I list all user names and/or home directories?â Stéphane Chazelas
Dec 15 '17 at 11:08
@StéphaneChazelas it certainly does help a lot and gives a much better result than what I had already tried but it still doesn't include my own name but it includes some names from the users that had been created probably 18 years ago in the system:))! I didn't actually know this system is from that long ago:)) Would you be so kind to explain to me what that command does!? what does getent passwd 5 do for example? I mean know the seq thing;)
â yukashima huksay
Dec 15 '17 at 11:33
1
I vote to repoen, on my suse 12.1 getent passwd will list entry from /etc/passwd, not Active directory on which can be listed by
wbinfo -u
â Archemar
Dec 18 '17 at 11:54
@Archemar did you try getent passwd 0..65535?
â yukashima huksay
Dec 18 '17 at 12:52
@Archemar maybe your system is using ids larger than 65535 for example my system was using 88113657 for my id
â yukashima huksay
Dec 18 '17 at 12:53