Basic LDAP Search Filters

LDAP Search Command: ldapsearch -h <LDAPHost> -p <Port> -D <Bind DN> -w <Bind DN password> -b <Base DN> -s <Scope> <LDAP Search Filter>

Ex: ldapsearch -h 192.168.1.2 -p 389 -D cn=admin,o=novell -w password -b o=novell -s sub cn=user

The examples below use the attribute CN, but the same filters work with any attribute.

1. Equal

CN=User ==> Returns all the entries that have “user” as a value of attribute CN (case-insensitive search)

2. Presence

CN=* ==> Returns all the entries that have at least one value for attribute “CN”

3. Starts with

CN=User* ==> Returns all the entries that have at least one value for CN that starts with “User”

Matches: User , User123 , User-123 , UserRam

Will not match: Use , AuserA , UseA

4. Ends with

CN=*User ==> Returns all the entries that have at least one value for CN that ends with “User”

Matches: User , AUser , KJHksdahaksdjh*aUser , 7678User

Will not match: User123 , User-123 , UserRam

5. Is not equal to

(!(CN=User)) ==> Returns all the entries that do not have “User” as a value for CN

6. Like (approximate match)

CN~=User

7. Greater than or equal to

employeeId>=100 ==> Returns all the entries whose employee ID is greater than or equal to 100

8. Less than or equal to

employeeId<=100 ==> Returns all the entries whose employee ID is less than or equal to 100
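
Added example (not from the original post): a small Python evaluator for the filter forms listed above, run against constructed CN values, plus RFC 4515 escaping so that a literal * in a value (as in KJHksdahaksdjh*aUser) is searched as text instead of acting as a wildcard. The function names, the integer ordering for employeeId and the case-insensitive comparison for every attribute are assumptions; ~= is left out because approximate matching is server-defined.

```python
import re

# RFC 4515: these characters must appear as \XX (hex) inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_value(value):
    """Escape a literal so it cannot act as a wildcard or as filter syntax."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def _unescape(text):
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), text)

def match_item(item, entry):
    """Evaluate one 'attr OP value' item; entry maps lower-case attribute
    names to lists of string values."""
    m = re.fullmatch(r"([A-Za-z][\w-]*)(>=|<=|=)(.*)", item, re.DOTALL)
    if not m:
        raise ValueError("unsupported filter item: %r" % item)
    attr, op, value = m.groups()
    values = entry.get(attr.lower(), [])
    if op in (">=", "<="):
        # Assumption: integer ordering; a server uses the attribute's ordering rule.
        n = int(value)
        return any((int(v) >= n) if op == ">=" else (int(v) <= n) for v in values)
    if value == "*":                      # presence
        return bool(values)
    # A raw '*' is a wildcard; an escaped one (\2a) stays literal.
    pattern = ".*".join(re.escape(_unescape(p)) for p in value.split("*"))
    # Assumption: case-insensitive matching, as the page states for CN.
    return any(re.fullmatch(pattern, v, re.I | re.S) for v in values)

def match(filter_str, entry):
    """Accept a bare item, a parenthesised item, or the (!(...)) form."""
    f = filter_str.strip()
    if f.startswith("(!") and f.endswith(")"):
        return not match(f[2:-1], entry)
    if f.startswith("(") and f.endswith(")"):
        f = f[1:-1]
    return match_item(f, entry)

def names_matching(filter_str, names):
    """Return the constructed CN values that the filter selects."""
    return [n for n in names if match(filter_str, {"cn": [n]})]

SAMPLE = ["User", "User123", "AUser", "Use", "KJHksdahaksdjh*aUser"]  # constructed
if __name__ == "__main__":
    for flt in ("CN=User", "CN=User*", "CN=*User", "(!(CN=User))",
                "CN=" + escape_value("KJHksdahaksdjh*aUser")):
        print(flt, "->", names_matching(flt, SAMPLE))
```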
