Use > JMX Reference > Hardening Methods > How to Search LDAP Users

How to Search LDAP Users

The JMX console provides a getLDAPGroupUsersChunk() method that allows you to search LDAP users. The method returns matched users in one or multiple chunks, and each chunk contains 100 users at most.

Note To search LDAP users, the LDAP server must support Virtual List View (VLV) and Server Side Sorting.

Follow these steps to search LDAP users from the JMX console:

  1. Launch your web browser and enter the following address: https://<server_name>:8443/jmx-console, where <server_name> is the name of the machine on which Universal CMDB is installed.

    You may need to log in with a user name and password.

  2. Under UCMDB, click UCMDB:service=LDAP Services to open the Operations page.
  3. Locate getLDAPGroupUsersChunk, and then specify the following parameters.

    Parameter Value
    ldapHost

    Enter the host name of the LDAP server.

    This parameter is mandatory.

    searchInGroup

    Enter the group's name if you want to search in a specific group.

    Default: search all groups.

    searchByField

    Specify one of the following fields: uid, displayname. The method then searches in the specified field.

    Default:uid.

    searchValue

    Enter the search value.

    sortByField

    Specify one of the following fields: uid, displayname. The method then sorts the search result by the specified field.

    Default:uid.

    sortOrder

    Specify the sort order of the search result.

    Default: True (in ascending order).

    requestedChunkNumber

    Specify which chunk of result that the method returns.

    Default: the first chunk.

    multipleChunksRequest

    Specify how many chunks of result that the method returns.

    The method returns the specified number of chunks starting from the first chunk.

    This parameter works only when requestedChunkNumber is not specified. Otherwise, the method only returns the chunk as specified in requestedChunkNumber.

    Note If only ldapHost is specified, the method returns the first chunk of all users in all groups in the ascending order of the uid field.

  4. Click Invoke.

Note The method can return the group information of LDAP users. To enable this functionality, you need to configure the LDAP server by using the configureLdapServer() method and set the displayUsersGroup parameter to True.