7

I'm using the ldapsearch.exe binary that was installed along with an Oracle client. It took awhile to tease out the arguments that it wanted, but I'm able to successfully connect to AD and parse out text attributes (given a username, look up an email, etc). But I'd also like to grab the avatar images that Exchange/Lync use. According to some Microsoft documentation I dug up, the attribute name is thumbnailPhoto. I couldn't figure it out at first, but this command doesn't produce angry error messages:

ldapsearch -v -h xxx.yyy.edu -Z -b cn=USERNAME,ou=Computers,ou=yyy,dc=yyy,dc=edu cn=USERNAME thumbnailPhoto

When I run that, I get the following output:

ldap_open( xxx.yyy.edu, 389 )
filter pattern: cn=USERNAME
returning: thumbnailPhoto
filter is (cn=USERNAME)
CN=USERNAME,OU=Computers,OU=yyy,DC=yyy,DC=edu
1 matches

There is no file in the current directory, there is no file in %TEMP%. If I use -t with or without arguments, no files are downloaded. No binary garbage fills the console window. I get identical behavior whether or not I run the command from bash (msys) or cmd.exe.

What gives? It looks like I'm doing everything right. But I'm running out of ways to debug. Am I not even using the right tools?

John O
  • 283

2 Answers2

3

If you may use powershell instead of ldapsearch, then try this:

$user = Get-ADUser John -Properties thumbnailPhoto
$user.thumbnailPhoto | Set-Content c:\temp\1.jpg -Encoding byte
Vadim
  • 636
0

When I do the search, I get a base64 string encoding a jpeg. Piping that to base64 -d gets at the image. I send that right to feh to see the thumbnail, but you could > ${SEARCH_MAIL}thumbnail.jpeg to save it instead.

SEARCH_MAIL=person@company.tld
user=me@company.tld
host=ldap://sub.domain.net
dc="DC=sub,DC=domain,DC=net" 
query="(&(objectClass=user)(mail=$SEARCH_MAIL))"

ldapsearch  -v -x -H $host -v "$dc" "$query" -D "$user" -w "$pass" thumbnailPhoto |&
  sed -n '/thumbnailPhoto:: /,/^$/p'| # extract only the thumbnailPhoto
  sed 's/thumbnailPhoto::|\s//g'   | # remove header and leading spaces
base64 -d                           | # decode
feh -                                 # view, use '> file.jpg' to save
Will
  • 161