diff --git a/shard.yml b/shard.yml
index 037e0f3..c20194d 100644
--- a/shard.yml
+++ b/shard.yml
@@ -23,6 +23,8 @@ targets:
     main: utils/authd-user-mod.cr
   auth-user-validate:
     main: utils/authd-user-validate.cr
+  auth-user-search:
+    main: utils/authd-user-search.cr
 
 crystal: 0.31
 
diff --git a/src/authd.cr b/src/authd.cr
index a185a0f..d96ac3a 100644
--- a/src/authd.cr
+++ b/src/authd.cr
@@ -120,6 +120,12 @@ class AuthD::Response
 		initialize :user
 	end
 
+	class MatchingUsers < Response
+		property users  : Array(::AuthD::User::Public)
+
+		initialize :users
+	end
+
 	# This creates a Request::Type enumeration. One entry for each request type.
 	{% begin %}
 		enum Type
@@ -311,6 +317,12 @@ class AuthD::Request
 		initialize :user
 	end
 
+	class SearchUser < Request
+		property user : String
+
+		initialize :user
+	end
+
 	# This creates a Request::Type enumeration. One entry for each request type.
 	{% begin %}
 		enum Type
@@ -556,6 +568,20 @@ module AuthD
 				raise Exception.new "unexpected response"
 			end
 		end
+
+		def search_user(user_login : String)
+			send Request::SearchUser.new user_login
+			response = Response.from_ipc read
+
+			case response
+			when Response::MatchingUsers
+				response.users
+			when Response::Error
+				raise Exception.new response.reason
+			else
+				Exception.new
+			end
+		end
 	end
 end
 
diff --git a/src/main.cr b/src/main.cr
index 1f02eb5..6bdccb2 100644
--- a/src/main.cr
+++ b/src/main.cr
@@ -385,6 +385,23 @@ class AuthD::Service
 			@users_per_uid.update user.uid.to_s, user
 
 			Response::PasswordRecoverySent.new user.to_public
+		when Request::SearchUser
+			pattern = Regex.new request.user
+
+			matching_users = Array(AuthD::User::Public).new
+
+			users = @users.to_a
+			users.each do |u|
+				# pp! u
+				if pattern =~ u.login
+					puts "#{u.login} matches #{pattern}"
+					matching_users << u.to_public
+				else
+					puts "#{u.login} doesn't match #{pattern}"
+				end
+			end
+
+			Response::MatchingUsers.new matching_users
 		else
 			Response::Error.new "unhandled request type"
 		end
diff --git a/utils/authd-user-search.cr b/utils/authd-user-search.cr
new file mode 100644
index 0000000..f474b14
--- /dev/null
+++ b/utils/authd-user-search.cr
@@ -0,0 +1,40 @@
+require "option_parser"
+
+require "../src/authd.cr"
+
+# key_file       : String? = nil
+login          : String? = nil
+activation_key : String? = nil
+
+OptionParser.parse do |parser|
+	parser.unknown_args do |args|
+		if args.size != 1
+			puts "usage: #{PROGRAM_NAME} login-to-search [options]"
+			exit 1
+		end
+
+		login = args[0]
+	end
+
+	#parser.on "-K file", "--key-file file", "Read the authd shared key from a file." do |file|
+	#	key_file = file
+	#end
+
+	parser.on "-h", "--help", "Prints this help message." do
+		puts "usage: #{PROGRAM_NAME} login-to-search [options]"
+		puts parser
+		exit 0
+	end
+end
+
+begin
+	authd = IPC::Connection.new "auth"
+
+	authd = AuthD::Client.new
+	# authd.key = File.read(key_file.not_nil!).chomp
+
+	pp! r = authd.search_user login.not_nil!
+rescue e
+	puts "Error: #{e}"
+	exit 1
+end