Basic LDAP Search Filters – 2

LDAP Search Command: ldapsearch -h <LDAPHost> -p <Port> -D <Bind DN> -w <Bind DN password> -b <Base DN> -s <Scope>  <LDAP Search Filter>

Ex: ldapsearch -h 192.168.1.2 -p 389 -D cn=admin,o=novell -w password -b o=novell -s sub cn=brown

Below example are with attribute CN. But, You can use it with any attribute

1. AND condition (&)

  (&(CN=brown)(SN=mike))   ==> returns all the entries which has attribute CN as “brown” (case insensitive search) and SN as “mike”

  (&(cn=brown)(SN=mike)(zipcode=123456))  ==>  returns all the entries which has attribute CN as “brown” (case insensitive search) , SN as “mike” and zip code as “123456”

2. OR condition  (|)

  (|(CN=brown)(SN=mike)) ==> returns all the entries which has attribute CN as “brown”  or,  SN as “mike”

3. Complex – AND and OR

  (&(|(CN=Michael)(CN=mike))(SN=brown))  ==> returns all the entries which has attribute CN as Michael or, Mike and SN as Brown.

4. FDN in search

  to search group membership, you may use below filter:

  Novell eDirectory:

   (&(cn=mike)(groupmembership=”cn=groupofDirectors, ou=groups, o=company))  ==> this will return any entry whose CN is Mike and is member of group ” groupmembership=”cn=groupofDirectors, ou=groups, o=company”

Advertisements