Menu
is there a way to query LDAP with a syntax similar to the "IN" statement in SQL? I mean by providing a list of value instead of repeating the field name again and again.
Let me explain:)
I have a query similar to:
(|(name=joe)(name=bill)(name=mark)(name=john)(name=rob))
Is there a way to shrink this query to get something like this:
(name=joe,bill,mark,john,rob)
Thanks
616
Note: LDAP syntaxes do not have a textual name. They are identified only by the numeric object identifier. The LDAP syntaxes supported by the z/VM LDAP server fall into two categories. The first set, as shown in Table 1, would be used when defining attribute types that are used for directory data.
The easiest way to search LDAP is to use ldapsearch with the “-x” option for simple authentication and specify the search base with “-b”. If you are not running the search directly on the LDAP server, you will have to specify the host with the “-H” option.
Search Filter is a basic LDAP Query for searching users based on mapping of username to a particular LDAP attribute.
Unfortunatelly no. The ldapsearch filter has to conform to the RFC2254 standard.
But you can always write your own wrapper (for example shell script invoking ldapsearch) that will rewrite your list-like syntax into proper RFC2254 syntax :)
150
Also, I'd guess you want that query to use | instead of &.
24
No, however the results you desire are achievable in several ways. One is to group the entries together in some way. It reasonable to assume that "joe", "bill", "mark", and the others have something in common. Using the groupOfUniqueNames object class, the directory administrator can place "joe", "bill", "mark", and the others in a group so that they can be retrieved.
Alternatively, if "joe", "bill", "mark", and the others have attributes in common, a dynamic group can be used where the contents of the group are determined by a filter. For example, if "joe", "bill", "mark", and the others report to the same manager, and the manager's entry is name=matthew,ou=managers,dc=example,dc=com, "joe", "bill", "mark", and the others might have an attribute managersDn with the value name=matthew,ou=managers,dc=example,dc=com. The directory administrator could create a dynamic group by using a filter managerDn=name=matthew,ou=managers,dc=example,dc=com. The advantage of the dynamic group are that the group is updated each time it is part of a search, it need not be updated manually.
Alternatively, some professional-quality directory servers support the use of virtual attributes that cause an atribute to be generated for an entry based on some other condition.
Suffice it to say that, assuming the entries for which you search are related in some way, group them together using a directory server grouping mechanism. If they are not related, the then filter must be as you list, except with an | instead of an a &.
45
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
