Sometimes you need to troubleshoot, or work out how to fix or design a solution, within LDAP/AD for AppGate. One way to do this is with the onboard tools ag_ldapsearch and ldapsearch.
From the manual: The ag_ldapsearch -p plugin expression will call the traditional OpenLDAP ldapsearch with the ldap search expression given. Run the program without parameters for a list of plugins that can be used. This program is very useful if you want to debug or just fetch complete records from ldap. By giving the plugin name it will figure out from the AppGate configuration how to connect and authenticate to the ldap server.
ag_ldapsearch -p ldap_pluginX <name.shurename>
If you have several plugins, find the right ldap_pluginX, where X is an integer, in the appgate.conf file:
cat /var/opt/appgate/conf/appgate.conf | grep plugin
ldapsearch tool (native)
'ldapsearch' lets you create your own configuration, independent of what AppGate has been configured for. This can be useful for comparing the functionality of AppGate searches with the native tool.
Read man ldapsearch and ldapsearch -h for usage and configuration.
Example for an LDAPS connection test: The LDAPS connection test is a little tricky to configure. You have to create a .ldaprc file in the home directory with the line
Then you can start the ldapsearch command in LDAPS mode from the command line:
ldapsearch -x -H ldaps://ldap.company.com -D 'firstname.lastname@example.org' -w 'xxxxxxxxxx' -b 'DC=company,DC=com' 'sAMAccountName=name.shurename'
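The same LDAPS lookup can be run without putting the bind password on the command line (where it is visible in the process list and shell history) and with the account name escaped for the search filter. This is an added example, not AppGate code or part of the manual; the function names are hypothetical, the host, bind DN and base DN are the placeholders used above, and TLS settings are assumed to come from the .ldaprc file already mentioned.

```shell
# Added example, not AppGate code. Host, bind DN and base DN are the
# article's placeholder values; function names are hypothetical.
LDAP_URI='ldaps://ldap.company.com'
BIND_DN='firstname.lastname@example.org'
BASE_DN='DC=company,DC=com'

# Escape a value for an LDAP search filter (RFC 4515) so that
# \ * ( ) in a name are matched literally instead of being parsed.
# The backslash is handled first so later escapes are not re-escaped.
ldap_escape_filter() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                           -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# ldapsearch -y uses the whole file as the password, including a
# trailing newline, so reject missing, empty or newline-terminated files.
pwfile_ok() {
    [ -s "$1" ] || return 1
    [ $(tail -c 1 "$1" | wc -l) -eq 0 ]
}

# Create the password file from stdin: owner-only permissions and no
# trailing newline, so the secret is never a command-line argument.
write_pwfile() {
    ( umask 077; rm -f "$1"; printf '%s' "$(cat)" > "$1" )
}

# Run the article's LDAPS lookup for one account name.
# Usage: ldaps_lookup name.shurename /path/to/pwfile
ldaps_lookup() {
    name=$1; pwfile=$2
    pwfile_ok "$pwfile" || { echo "bad password file: $pwfile" >&2; return 2; }
    ldapsearch -x -H "$LDAP_URI" -D "$BIND_DN" -y "$pwfile" \
        -b "$BASE_DN" "(sAMAccountName=$(ldap_escape_filter "$name"))"
}
```

A bind that fails with invalid credentials although the password is correct is often a password file that ends in a newline; pwfile_ok catches that before ldapsearch is called.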