[prev in list] [next in list] [prev in thread] [next in thread]
List: openldap-software
Subject: Re: ldapsearch issue
From: Hallvard B Furuseth <h.b.furuseth () usit ! uio ! no>
Date: 2005-04-28 10:39:04
Message-ID: hbf.20050428mhxo () bombur ! uio ! no
[Download RAW message or body]
Edward De Jongh writes:
> (...)
> if I search for a user like so:
>
> Attributes attrs = ctx.getAttributes("cn=someone
> x,ou=somewhere,dc=example,dc=co,dc=za");
That's a direct lookup of an entry by its name (DN). LDAP implements
that as a a search with scope=base, which only examines the named DN.
> (...)
> dn: cn=someone x,ou=somewhere,dc=example,dc=co,dc=za
> objectclass: lifeUser
> displayName: something
> employeeNumber: 1031275942
> cn: someone
> sn: x
> role: NB_SPECIAL_PROJECTS
> role: ROLE.SPECIALPROJECTS
>
> However I cannot do a search based on employee number
>
> Like so employeeNumber=1031275942,ou=somewhere,dc=example,dc=co,dc=za
To search for employee number when that is not part of the entry name,
use search filter "(employeeNumber=1031275942)"
or maybe "(&(employeeNumber=1031275942)(objectClass=lifeUser))".
With search scope subtree (sometimes called sub) you can use search base
"dc=example,dc=co,dc=za" or "ou=somewhere,dc=example,dc=co,dc=za". With
search scope onelevel (also called singleLevel or one) you can only use
the latter search base.
Also read up on LDAP basics. The difference between DN and filter is
_very_ basic.
--
Hallvard
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic