At IU, how can I query ADS using LDAP?

All Indiana University accounts (excluding Guest accounts) can query ADS using LDAP to get additional information about users. This can be useful in cases where, for example, you would like to restrict access to your service to a few users based on a specific ADS group, or if you need a user's email address. LDAP is compatible with most programming languages; use the information below in your code to query ADS using LDAP.

  • Server: ads.iu.edu
  • Port: 636 (SSL) or 3269 (Global Catalog SSL)

Bind using your ADS username and password. If you plan to add this to an application, it's a good idea to create a service account to use for this.

After establishing a bind, you can perform an ADS query. Use a Base Dn of ou=Accounts,dc=ads,dc=iu,dc=edu, and create an LDAP filter that will return the information you would like. Some examples include:

  • (sAMAccountName=jsmith)

    Returns all attributes for the user "jsmith".

  • (memberOf=CN=IU-UITS-MANAGED-BL-UNDERGRADUATE,OU=Campus,OU=Groups,OU=Managed,DC=ads,DC=iu,DC=edu)

    Returns all BL undergraduates.

This is document bdcm in the Knowledge Base.
Last modified on 2016-02-29 00:00:00.

  • Fill out this form to submit your issue to the UITS Support Center.
  • Please note that you must be affiliated with Indiana University to receive support.
  • All fields are required.

Please provide your IU email address. If you currently have a problem receiving email at your IU account, enter an alternate email address.

  • Fill out this form to submit your comment to the IU Knowledge Base.
  • If you are affiliated with Indiana University and need help with a computing problem, please use the I need help with a computing problem section above, or contact your campus Support Center.

Please provide your IU email address. If you currently have a problem receiving email at your IU account, enter an alternate email address.