How to grab all objects from an Azure Active Directory Domain Services domain from a Linux machine

Azure Active Directory Domain Services (AAD DS) is, in simple words, a Domain Controller as a Service that speaks the LDAP protocol.

Azure Active Directory Domain Services provides scalable, high-performance, managed domain services such as domain-join, LDAP, Kerberos, Windows Integrated Authentication, and Group Policy. With the click of a button, administrators can enable managed domain services for virtual machines and directory-aware applications deployed in Azure Infrastructure Services. By maintaining compatibility with Windows Server Active Directory, Azure Active Directory Domain Services gives you an easy way to migrate traditional on-premises applications to the cloud. Azure Active Directory is now the single managed directory for both modern SaaS and traditional directory-aware apps.

So if you want to use Active Directory for managing users but you don't want to run and administer Windows Server as a Domain Controller, AAD DS is a good option.

Windows Active Directory has, of course, an LDAP schema. You can find the complete schema on the AD reference web sites, but how do you grab all objects from the directory? It's very simple: use the ldapsearch tool (you can probably find it in your Linux distribution's repositories, typically in the ldap-utils or openldap-clients package).

ldapsearch -x -D "username@domain.onmicrosoft.com" -W -p 389 -h 10.0.0.4 -b "dc=domain,dc=onmicrosoft,dc=com" -s sub "(objectclass=*)"

Of course you must change the Domain Controller IP address according to your AAD DS configuration (the managed domain's addresses are shown on its overview page in the Azure portal); on newer OpenLDAP clients, where -h and -p are deprecated, -H ldap://10.0.0.4:389 is the equivalent. The important thing is that we bind as "username@domain.onmicrosoft.com", the user principal name, to authenticate via LDAP (with a generic LDAP server you would typically bind with the full DN; AD also accepts the full DN or DOMAIN\username for a simple bind). Two practical caveats: a simple bind (-x) over port 389 sends the password in cleartext, so outside an isolated virtual network enable secure LDAP on the managed domain and connect to ldaps://host:636 instead; and AD returns at most MaxPageSize (1000 by default) entries for one unpaged search, so on a directory larger than that add -E pr=1000/noprompt to page through the results.
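As an added example (not part of the original post), the following Python 3 script does the whole job from Linux: it builds the ldapsearch command line with LDAPS and the paged-results control, and parses the LDIF that ldapsearch prints, including folded continuation lines and base64-encoded binary attributes such as objectGUID. The host, base DN, bind UPN and the sample LDIF are constructed placeholders; only the standard library is needed, plus OpenLDAP's ldapsearch when it is actually run against a managed domain with --run.

```python
"""Enumerate every object of an Azure AD DS managed domain from Linux.
Added example, not from the original post: it wraps OpenLDAP's ldapsearch
and parses its LDIF output. DC_HOST, BASE_DN, BIND_UPN and SAMPLE_LDIF are
constructed placeholders; adjust them to your managed domain."""
import base64
import subprocess
import sys
import uuid
from collections import Counter

DC_HOST = "10.0.0.4"                           # constructed placeholder
BASE_DN = "dc=domain,dc=onmicrosoft,dc=com"    # constructed placeholder
BIND_UPN = "username@domain.onmicrosoft.com"   # constructed placeholder


def ldapsearch_argv(host=DC_HOST, base=BASE_DN, bind_upn=BIND_UPN,
                    use_ldaps=True, page_size=1000):
    """Build the ldapsearch command line for a full subtree dump.
    ldaps:// on 636 needs secure LDAP enabled on the managed domain; plain
    ldap:// on 389 sends the simple-bind password in cleartext. The paged
    results control (-E pr=N/noprompt) is needed because AD refuses to return
    more than MaxPageSize (1000 by default) entries in one unpaged search."""
    scheme, port = ("ldaps", 636) if use_ldaps else ("ldap", 389)
    return ["ldapsearch", "-x", "-LLL",
            "-H", f"{scheme}://{host}:{port}",
            "-D", bind_upn, "-W",              # -W prompts for the password
            "-b", base, "-s", "sub",
            "-E", f"pr={page_size}/noprompt",
            "(objectClass=*)"]


def parse_ldif(text):
    """Parse ldapsearch -LLL output (LDIF) into a list of entry dicts.
    Continuation lines (leading space) are unfolded, "attr:: value" is
    base64-decoded to bytes (AD uses this for objectGUID, objectSid and any
    non-ASCII string), '#' comment lines such as the paging cookies are
    skipped, and every attribute except dn is a list (AD is multi-valued)."""
    unfolded = []
    for raw in text.splitlines():
        if raw.startswith(" ") and unfolded:
            unfolded[-1] += raw[1:]            # join folded line to previous
        else:
            unfolded.append(raw)
    entries, current = [], None
    for line in unfolded:
        if line.startswith("#"):
            continue
        if not line.strip():                   # blank line ends an entry
            if current is not None:
                entries.append(current)
                current = None
            continue
        name, _, rest = line.partition(":")
        if rest.startswith(":"):               # "attr:: base64"
            value = base64.b64decode(rest[1:].strip())
        else:
            value = rest.strip()
        if current is None:
            current = {}
        if name == "dn":
            current["dn"] = value
        else:
            current.setdefault(name, []).append(value)
    if current is not None:
        entries.append(current)
    return entries


def object_guid(entry):
    """Render AD's binary objectGUID in the usual text form; AD stores the
    first three fields little-endian, which uuid.UUID(bytes_le=...) expects."""
    return str(uuid.UUID(bytes_le=entry["objectGUID"][0]))


def summarize(entries):
    """Count entries by structural class: AD lists objectClass from 'top'
    down to the most derived class, so the last value is the one we want."""
    return Counter(e["objectClass"][-1] for e in entries if "objectClass" in e)


# Constructed sample of what ldapsearch -LLL prints for three AAD DS objects
# (a user in the built-in "AADDC Users" OU, a group and the OU itself); the
# description value is folded the way ldapsearch folds long values.
SAMPLE_LDIF = """\
dn: CN=Alice Example,OU=AADDC Users,dc=domain,dc=onmicrosoft,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: Alice Example
userPrincipalName: alice@domain.onmicrosoft.com
objectGUID:: AAECAwQFBgcICQoLDA0ODw==
description: a long folded value that ldapsearch wr
 aps at 76 columns

dn: CN=Servers,OU=AADDC Computers,dc=domain,dc=onmicrosoft,dc=com
objectClass: top
objectClass: group
cn: Servers

dn: OU=AADDC Users,dc=domain,dc=onmicrosoft,dc=com
objectClass: top
objectClass: organizationalUnit
ou: AADDC Users
"""

if __name__ == "__main__":
    if "--run" in sys.argv:    # real dump; ldapsearch asks for the password
        proc = subprocess.run(ldapsearch_argv(), check=True,
                              capture_output=True, text=True)
        entries = parse_ldif(proc.stdout)
    else:                      # offline demo on the constructed sample
        entries = parse_ldif(SAMPLE_LDIF)
    for cls, n in summarize(entries).most_common():
        print(f"{n:6d}  {cls}")
```

Run it without arguments to see the parser work on the embedded sample, or with --run (and the placeholders adjusted) to dump the real domain; -W makes ldapsearch prompt for the bind password on the terminal, so nothing secret lands in the process list or shell history. Pass use_ldaps=False only inside the virtual network, where the cleartext simple bind is at least not crossing the Internet.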
