jspωiki
LDAP Query Basic Examples
Your trail: 

Overview#

LDAP Query Basic Examples are some simple examples of LDAP Search Filters Examples as used in a Search Request showing some of the LDAP Filter Choices.

Return all LDAP Entries for an AttributeType#

ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(mail=*)" # returns all entries which have a mail attribute
or entries without a Attribute Value 
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(!(mail=*))"" # returns all entries which have no mail attribute value

Return All LDAP Entries#

ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(objectclass=*)"" # returns all entries

Wildcard LDAP SearchFilters#

ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(mail=*@*)" # return entries with any valid [rfc822Name] [mail] address
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(sn=s*)"" # returns entries with surnames starting with s or S
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(telephonenumber=*555)"" # return entries with telephone numbers that end with 555
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(cn=*a*i*)" # return entries with common names with both a and i anywhere

Compound LDAP SearchFilters using AND SearchFilter#

Must have value that match all of the individual LDAP SearchFilters (used above) 
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(&(mail=*@*)(sn=s*)(telephonenumber=*555)(cn=*a*i*))

Compound LDAP SearchFilters using OR SearchFilter#

Must have value that will match all anyone the individual LDAP SearchFilters (used above) 
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(|(mail=*@*)(sn=s*)(telephonenumber=*555)(cn=*a*i*))

Date (GeneralizedTime) LDAP SearchFilters #

ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(createTimestamp>=20190101000000Z)" # will match any entry that has a createTimestamp value that is __greater than or equal__ to 20190101000000Z.
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(createTimestamp<=20200101500000Z)" # will match any entry that has a createTimestamp value that is __less than or equal__ to 20200101500000Z.

Match any dates Greater than or equal to 20190101000000Z but less than or equal to 20200101500000Z 

ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(&(createTimestamp>=20190101000000Z)(createTimestamp<=20200101500000Z))"

Exact Match #

ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(sn=smith)"" # exact match returns Smith but NOT Smit
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(objectclass=person)"" #return entries which use person objectclass

More Information#

There might be more information for this subject on one of the following:
This page (revision-8) was last changed on 10-Jan-2020 15:11 by jim Top

Main page
About
Recent Changes
Tools Page

Lead Pages#

WikiEtiquette
Find pages
Unused pages
Undefined pages
Page Index
News


Site Maintained By -jim

Costs of Wiki

Donations#

If you like Ldapwiki, please consider a donation.

Donation for LDAPWiki


Active Sessions78
Uptime2d, 5h 49m 57s
Number of pages16256

JSPWiki v2.10.1
jspωiki
Please see our Copyright And Intellectual Property Page and Standard Disclaimer Pages!
JSPWiki v2.10.1