LDAP db file location

UCS - Univention Corporate Server
#1

Hi,

I’m currently writing a test plan and I’m arrived at the “data security” section. I know we can check the user “database” by using udm users/user list and actually it contain all I want.

Unfortunately, for a test plan, it’s better to write : You need to test the file at /…/… than say : start a terminal, then input : sudo udm users/user list > dbuser.txt and after test it.

So I would like to know if someone know where all my users are stored (which file my command udm … check ; like the shadow file for the admin)

Thank’s in advance.

#2

As far as I know the LDAP database is stored in /var/lib/univention-ldap/ldap.

#3

Hi,

I didn’t saw that one. I thought they were in a db like postgresql or mysql but that look’s like it. I just have to find something to read it properly (to know if I have at least my “testuser”).

Thank you :slight_smile:

P.S. I’ve found a binary file at /var/lib/univention-directory-listener/cache.db who looks like it also. But I think yours is the “real” one. Tank’s again

#4

The backend is mdb, see OpenLDAP#Available_backends.
Unless you want to develop you own toolchain you will most likely rather use tools like ldapsearch (univention-ldapsearch) or slapcat to access the data.

#5

[quote=“ahrnke”]The backend is mdb, see OpenLDAP#Available_backends.
Unless you want to develop you own toolchain you will most likely rather use tools like ldapsearch (univention-ldapsearch) or slapcat to access the data.[/quote]

Tank you very much :slight_smile:

No I don’t want to develop my own tools, just to “evaluate” the parameters I need to put inside my test plan to check the security around my users/groups/computers database. It’s more like :

Parameters : go to path_to_file
Technique : Use a software to try to read it without permission
Result : It shouldn’t work

So after we can say : try to copy etc… Thank you very much.

I have a meeting now so I should go. Tank’s again. :slight_smile:

Mastodon