Friday, February 12, 2016

How to check whether an LDAP username and password are correct - LDAP/OpenDJ

You can use the "ldapwhoami" command to check whether an LDAP username and password are correct.

ldapwhoami -vvv -h <host> -p <port> -D "<binddn>" -x -w <password>

"bindDN" is the LDAP credential you use to authenticate with an LDAP server.

Example of a bindDN:

cn=Manager,ou=example,dc=com,dc=au

Command line options used in this example:

-H ldapuri - Specify URI(s) referring to the ldap server(s); only the protocol/host/port fields are allowed; a list of URI, separated by whitespace or commas is expected.
-h ldaphost - Specify an alternate host on which the ldap server is running. Deprecated in favor of -H.
-p ldapport - Specify an alternate TCP port where the ldap server is listening. Deprecated in favor of -H.
-v - Run in verbose mode, with many diagnostics written to standard output.
-w passwd - Use passwd as the password for simple authentication.
-x - Use simple authentication instead of SASL.
-D binddn - Use the Distinguished Name binddn to bind to the LDAP directory. For SASL binds, the server is expected to ignore this value.
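
A wrapper around the command above, as an added example (not from the original post): it takes the server as an -H URI, hands the password to ldapwhoami through -y so it does not show up in the process list or shell history the way -w <password> does, and maps the exit status to a result. check_ldap_bind and its arguments are hypothetical names; it assumes OpenLDAP's ldapwhoami, which exits with the LDAP result code (49 is invalidCredentials).

```bash
#!/usr/bin/env bash
# Added example, not part of the original post.
# usage: check_ldap_bind <ldapuri> <binddn> <password>
# Prints "valid", "invalid credentials" or "error (exit N)"; returns 0, 1 or 2.
check_ldap_bind() {
    local uri="$1" binddn="$2" password="$3" pwfile rc

    # Some servers accept a simple bind with a DN and an empty password as an
    # "unauthenticated bind" (RFC 4513 section 5.1.2). That would look like a
    # successful check, so refuse it before contacting the server.
    [ -n "$password" ] || { echo "empty password refused" >&2; return 2; }

    # -y reads the whole file as the password. printf is a shell builtin, so
    # the secret never appears in another process's argument list; '%s' avoids
    # a trailing newline becoming part of the password.
    pwfile=$(mktemp) || return 2
    chmod 600 "$pwfile"
    printf '%s' "$password" > "$pwfile"

    # With -x (simple authentication) the password crosses the wire as-is,
    # so pass an ldaps:// URI unless the link is otherwise protected.
    rc=0
    ldapwhoami -x -H "$uri" -D "$binddn" -y "$pwfile" >/dev/null 2>&1 || rc=$?
    rm -f "$pwfile"

    case "$rc" in
        0)  echo "valid"; return 0 ;;
        49) echo "invalid credentials"; return 1 ;;   # LDAP invalidCredentials
        *)  echo "error (exit $rc)"; return 2 ;;      # unreachable server, TLS failure, ...
    esac
}

# Example call (constructed values):
#   check_ldap_bind "ldaps://ldap.example.test:636" "cn=Manager,ou=example,dc=com,dc=au" "$LDAP_PW"
```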
