Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: LDAP search query help
Top Forums UNIX for Dummies Questions & Answers LDAP search query help Post 302250420 by dopple on Thursday 23rd of October 2008 10:06:39 AM
Old 10-23-2008
Thanks for your reply (and thanks to your guru!).

FYI

It seems openldap wanted me to put the filter in single quotes, other than that, the example worked perfectly. Smilie
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

ldap search filter

Hi, I am trying to do an ldapsearch with a filter that checks the uid and the userpassword: $filter= "(&(uid=$user) (userpassword=$password)"; $objs = $ldap->search( base => $basedn, filter => "($filter)"); i based it on this example i found on CPAN: $mesg = $ldap->search( ... (2 Replies)
Discussion started by: tine
2 Replies

2. Programming

problem with ldap search using c

hi all i m writin a c program to search ldap db for values. i used the following code after search result return a value >0 if (result==1) { entry=ldap_first_entry(ld,msg); for(....;....;...) { // code to store the data values } } i m gettin an error at... (1 Reply)
Discussion started by: mridula
1 Replies

3. Shell Programming and Scripting

Perl and Net::LDAP, objects and arrays query

Hi I'm not a programmer but am muddling through as best I can. I am trying to set up a PostSearchHook for Radiator (RADIUS server), that carries out an LDAP lookup, and, based on the string returned ("staff" or "student") in the "businessCategory" attribute, will set the $role to be either 40... (3 Replies)
Discussion started by: mikie
3 Replies

4. UNIX for Advanced & Expert Users

ldap search to find dn for user

How can I do a ldapsearch to find a DN for a user when I know the exact cn for that user out of active directory. I have tried several different commands (hundreds) but need the -b with the full dn to perform the search using ldapsearch from AIX. I am trying to find the OU for a user and the... (1 Reply)
Discussion started by: cchart3
1 Replies

5. UNIX for Dummies Questions & Answers

ldap search problem

I am posting in this section because in this regard I am a Dummy. I know very little about ldap. We have a couple of ldap registries running on an AIX box. I can connect into those registries using an openldap browser. But I am trying to run some queries against the registry on the server itself,... (1 Reply)
Discussion started by: fwellers
1 Replies

6. UNIX for Dummies Questions & Answers

ldap , search groups that user belong

i want run query to identify witch groups that user A belong, CN=name,CN=Users,DC=mydomain ?? (1 Reply)
Discussion started by: prpkrk
1 Replies

7. Shell Programming and Scripting

Ldap search query

Hi All, I have a existing Ldap query which take a HOME as variable and gives the result where i grep for a particular line. ldapsearch -h server_domain_name -p 389 -D "uid=user,ou=appadm,o=ent" -w PaB -b "ou=roles,o=ent" "cidx=$HOME" | grep -w "ent: xyz" Now i have 330K Homes in a... (1 Reply)
Discussion started by: posner
1 Replies

8. Emergency UNIX and Linux Support

LDAP and AD Authentication Query

Hi Friends, I have below scenarios . dom1.test.com - LDAP dom2.test.com - AD Requirement is establish a trust relation between LDAP and AD server in such a way that if any user login on LDAP managed authentication server with dom1\username -> get authenticated by LDAP host ... (2 Replies)
Discussion started by: Shirishlnx
2 Replies

9. UNIX and Linux Applications

LDAP Group query

I need to write LDAP group query where I need to find if a particular user is a member of a 2 specific Groups. This is LDAP Novell edirectory implementation. Below are the details - ================ LDIF entry for OndotAPI group dn: cn=OndotAPI,ou=Groups,o=CNS changetype: add ... (0 Replies)
Discussion started by: jhamaks
0 Replies

10. UNIX for Advanced & Expert Users

LDAP Query - host allowed option

I have an in interesting dilemna that I am trying to address. I have some ldap queries that I use to retrieve user information to perform access validations on a quarterly/annual basis. I can successfully pull the local users, and I can use ldapsearch to pull back all the users from the DN as well.... (7 Replies)
Discussion started by: dagamier
7 Replies

LEARN ABOUT REDHAT

ldapfilter.conf

LDAPFILTER.CONF(5)						File Formats Manual						LDAPFILTER.CONF(5)

NAME

       ldapfilter.conf - configuration file for LDAP get filter routines

SYNOPSIS

       /etc/openldap/ldapfilter.conf

DESCRIPTION

       The  file /etc/openldap/ldapfilter.conf contains information used by the LDAP get filter routines (see ldap-getfilter(3)).  Blank lines and
       lines that have a first character of `#' are treated as comments and ignored.  The configuration information consists of lines that contain
       one,  two,  three,  four,  or  five  tokens.  Tokens are separated by white space, and double quotes `"' can be used to include white space
       inside a token.

       The file consists of a sequence of one or more filter sets.  A filter set begins with a line containing a single token called a	tag.   The
       tag is used in the ldap_getfirstfilter(3) call to select the filter set.

       The  filter  set consists of a sequence of one or more filter lists.  The first line in a filter list must contain four or five tokens: the
       value pattern, the delimiter list, a filter template, a match description, and an optional search scope.  The value pattern  is	a  regular
       expression that is matched against the value passed to the ldap_getfirstfilter(3) call to select the filter list.

       The delimiter list is a list of characters (in the form of a single string) that are used to break the value into distinct words.

       The filter template is used to construct an LDAP filter (it is described further below)

       The match description is returned to the called along with a filter as a piece of text that can be used to describe the sort of LDAP search
       that took place.  It should correctly compete both of the following phrases: "One match description match was  found  for..."   and  "Three
       match description matches were found for...."

       The search scope is optional, and should be one of "base", "onelevel", or "subtree".  If search scope is not provided, the default is "sub-
       tree".

       The remaining lines of the filter list should contain two or three tokens, a filter template, a match description and  an  optional  search
       scope (as described above).

       The  filter  template  is  similar  in  concept to a printf(3) style format string.  Everything is taken literally except for the character
       sequences:
	   %v
	   %v$
	   %vN
	   %vM-N
	   %vN-
       A plain %v means to substitute the entire value string in place of the %v.  %v$ means substitute the last word in this spot.  A %vN,  where
       N is a single digit 1-9, means substitute word N in this spot.  Words are number from left to right within the value starting at 1.  A %vM-
       N, where M and N are both single digits 1-9, means substitute the indicated sequence of words.  A %vN-, where N is  again  a  single  digit
       1-9, means substitute word N through the last word in value.

EXAMPLE

       The  following  ldap  filter  configuration file contains two filter sets (finger and go500gw onelevel), each of which contains four filter
       lists.

	 # ldap filter file
	 #
	 finger
	   "="		      " "     "%v"		      "arbitrary filter"

	   "[0-9][0-9-]*"    " "     "(telephoneNumber=*%v)" "phone number"

	   "@"		      " "     "(mail=%v)"	      "email address"

	   "^.[. _].*"	     ". _"   "(cn=%v1* %v2-)"	     "first initial"

	   ".*[. _].$"	      ". _"   "(cn=%v1-*)"	      "last initial"

	   "[. _]"	      ". _"   "(|(sn=%v1-)(cn=%v1-))"	     "exact"
				      "(|(sn~=%v1-)(cn~=%v1-))"      "approximate"

	   ".*" 	      ". "    "(|(cn=%v1)(sn=%v1)(uid=%v1))" "exact"
				      "(|(cn~=%v1)(sn~=%v1))"	     "approximate"

	 "go500gw onelevel"
	   "^..$"  " "	 "(|(o=%v)(c=%v)(l=%v)(co=%v))"       "exact" "onelevel"
			 "(|(o~=%v)(c~=%v)(l~=%v)(co~=%v))"   "approximate" "onelevel"

	   " "	   " "	 "(|(o=%v)(l=%v)(co=%v)"       "exact"	      "onelevel"
			 "(|(o~=%v)(l~=%v)(co~=%v)"    "approximate"  "onelevel"

	   "."	  " "	"(associatedDomain=%v)"       "exact"	     "onelevel"

	   ".*"    " "	 "(|(o=%v)(l=%v)(co=%v)"       "exact"	      "onelevel"
			 "(|(o~=%v)(l~=%v)(co~=%v)"    "approximate"  "onelevel"

       The call ldap_getfirstfilter( lfdp, "finger", "m.smith" ); will return an LDAPFiltInfo structure with the lfi_filter member containing  the
       string (cn=m* smith) with the lfi_desc member containing the string first initial, and lfi_scope containing the value LDAP_SCOPE_SUBTREE.

       The  call  ldap_getfirstfilter(	lfdp, "go500gw onelevel", "umich" ); will return an LDAPFiltInfo structure with the lfi_filter member con-
       taining the string (|(o=umich)(l=umich)(co=umich) with the lfi_desc member containing the string exact, and lfi_scope containing the  value
       LDAP_SCOPE_ONELEVEL.

FILES

       /etc/openldap/ldapfilter.conf

SEE ALSO

       ldap(3), ldap_getfilter(3)

ACKNOWLEDGEMENTS

       OpenLDAP  is  developed and maintained by The OpenLDAP Project (http://www.openldap.org/).  OpenLDAP is derived from University of Michigan
       LDAP 3.3 Release.

OpenLDAP 2.0.27-Release 					  20 August 2000						LDAPFILTER.CONF(5)
All times are GMT -4. The time now is 12:00 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy