
0. General

Artur Marzano edited this page Dec 16, 2024 · 15 revisions

Basic Usage

If you are using godap for the first time, please refer to the Installation and Usage sections from the README for basic instructions.

After you have connected to your directory, follow the specific instructions in the wiki for examples and common pitfalls.

Other than the flags already explained in the README, the following flags can also be set to customize the connection:

  • -G - The paging size to use. Most queries in godap are paged; that is, they retrieve the results in pages of a specific size. As long as your environment allows it, you can change the paging size to try to make godap perform better. Some directories limit queries to 1000 results, so the default paging size for godap is hardcoded to 800.
  • -L - This flag specifies the maximum number of attribute values to show to the user in object trees (if ExpandAttrs is set to true). Some attributes can have hundreds of values, so this is needed to avoid having to scroll through a huge number of values. By default, entries past the value of 20 are hidden, and you can show them by hitting ENTER on top of the [hidden entries] text, or by running godap again with a higher -L value.
  • -T - The timeout for LDAP connections in seconds.

The f (FormatAttrs) / e (Emojis) / c (Colors) / a (ExpandAttrs) / d (Deleted) keybindings or command-line flags can be used to control basic behaviors of godap. These are self-explanatory, with the exception of d (Deleted), which is disabled by default. When specified, it includes an AD-specific control (LDAP_SERVER_SHOW_DELETED_OID) in most search requests, so that they also retrieve deleted objects, which are held in the CN=Deleted Objects container.

Note that you must reload the root object with r after toggling the d option in order to have godap fetch the container that holds deleted objects, and that this will only work for environments that have the Active Directory Recycle Bin enabled.
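
What the -G page size and the d toggle add to a search request, as an added example that is not godap's own code. It assumes paging uses the standard RFC 2696 Simple Paged Results control and leaves criticality at FALSE, neither of which this page states; buildControls and controlOIDs are hypothetical helper names.

```go
package main

import (
	"encoding/asn1"
	"fmt"
)

const oidPagedResults = "1.2.840.113556.1.4.319" // RFC 2696 Simple Paged Results (assumed mechanism)
const oidShowDeleted = "1.2.840.113556.1.4.417"  // LDAP_SERVER_SHOW_DELETED_OID

// control mirrors the LDAP Control SEQUENCE from RFC 4511 section 4.1.11.
type control struct {
	Type        []byte // LDAPOID is sent as an OCTET STRING holding the dotted string
	Criticality bool   `asn1:"optional"` // left FALSE here (assumption), so it is omitted
	Value       []byte `asn1:"optional"`
}

// buildControls DER-encodes the control list for one paged search. On the wire
// the list sits under context tag [0] of the LDAPMessage; here it is a bare SEQUENCE.
func buildControls(pageSize int, cookie []byte, showDeleted bool) ([]byte, error) {
	// RFC 2696 control value: requested size plus the cookie from the previous page.
	pv, err := asn1.Marshal(struct{ Size int; Cookie []byte }{pageSize, cookie})
	if err != nil {
		return nil, err
	}
	ctrls := []control{{Type: []byte(oidPagedResults), Value: pv}}
	if showDeleted { // Show Deleted carries no value, only its OID
		ctrls = append(ctrls, control{Type: []byte(oidShowDeleted)})
	}
	return asn1.Marshal(ctrls)
}

// controlOIDs decodes such a list and returns the OIDs it carries.
func controlOIDs(der []byte) ([]string, error) {
	var ctrls []control
	if _, err := asn1.Unmarshal(der, &ctrls); err != nil {
		return nil, err
	}
	var oids []string
	for _, c := range ctrls {
		oids = append(oids, string(c.Type))
	}
	return oids, nil
}

func main() {
	der, _ := buildControls(800, nil, true) // 800 is godap's default page size
	oids, _ := controlOIDs(der)
	fmt.Printf("%x\n%v\n", der, oids)
}
```

The second OID in the output is the one to look for when reviewing LDAP search traffic or logs for requests that ask for deleted objects.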

Connection Config

The l keybinding can be used to change the connection configuration after starting godap. It opens a page where you can change the server address, port, SOCKS proxy address, domain name, credentials, and whether to use LDAPS and ignore server certificate validation.

Clicking on Update will make a new connection to the target server using the updated parameters.

If your connection breaks during the session, you can reconnect with Ctrl+R or by closing godap and running it again.

Transport Layer Security (TLS)

  • TLS can be established in the godap session by either connecting to an LDAPS port (usually 636) with -S or connecting to the standard port (usually 389) and upgrading the session afterwards with StartTLS (Ctrl+U).

  • Note that, if the server certificate is untrusted, for both methods you'll need to have started godap with -I or set the IgnoreCert toggle to True in the Connection Config.
