# LDAP (389 Directory Server)

## Credentials

The admin account is `cn=Directory Manager` with the password stored in the
encrypted data bag `admin_password` item

```
$ knife data bag show credentials dirsrv --secret-file .chef/encrypted_data_bag_secret
```

## Example search (will prompt for password):

```
$ ldapsearch -x -W -D 'cn=Directory Manager' -b "ou=kosmos.org,cn=users,dc=kosmos,dc=org" -H "ldaps://ldap.kosmos.org" -v
```

## Shell scripts

Adding a new user account (requires username, email, password):

    ./scripts/ldap/add_user.sh username user@example.com changeme