!!! Overview
[{$pagename}] are some simple [examples] of [LDAP Search Filters Examples] as used in a [Search Request] showing some of the [LDAP Filter Choices].


!! Return all [LDAP Entries|LDAP Entry] for an [AttributeType]
{{{
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(mail=*)" # returns all entries which have a mail attribute
}}}
or entries without a [Attribute Value]
{{{
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(!(mail=*))" # returns all entries which have no mail attribute value
}}}

!! Return All [LDAP Entries|LDAP Entry]
%%prettify 
{{{
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(objectclass=*)" # returns all entries
}}} /%


!! Wildcard [LDAP SearchFilters]
%%prettify 
{{{
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(mail=*@*)" # return entries with any valid [rfc822Name] [mail] address
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(sn=s*)" # returns entries with surnames starting with s or S
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(telephonenumber=*555)" # return entries with telephone numbers that end with 555
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(cn=*a*i*)" # return entries with common names with both a and i anywhere
}}} /%

!! Compound [LDAP SearchFilters] using [AND SearchFilter]
Must have value that match all of the individual [LDAP SearchFilters] (used above)
%%prettify 
{{{
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(&(mail=*@*)(sn=s*)(telephonenumber=*555)(cn=*a*i*))
}}} /%

!! Compound [LDAP SearchFilters] using [OR SearchFilter]
Must have value that will match all anyone the individual [LDAP SearchFilters] (used above)
%%prettify 
{{{
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(|(mail=*@*)(sn=s*)(telephonenumber=*555)(cn=*a*i*))
}}} /%

!! [Date] ([GeneralizedTime]) [LDAP SearchFilters] 
%%prettify 
{{{
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(createTimestamp>=20190101000000Z)" # will match any entry that has a createTimestamp value that is __greater than or equal__ to 20190101000000Z.
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(createTimestamp<=20200101500000Z)" # will match any entry that has a createTimestamp value that is __less than or equal__ to 20200101500000Z.
}}} /%

Match any dates Greater than or equal to 20190101000000Z but less than or equal to 20200101500000Z
%%prettify 
{{{
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(&(createTimestamp>=20190101000000Z)(createTimestamp<=20200101500000Z))" 
}}}


!! Exact Match
Shows an [EqualityMatch] [LDAP Filter Choice]
%%prettify 
{{{
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(sn=smith)" # exact match returns Smith but NOT Smit
ldapsearch -D "cn=exampleuser,example.com" -w secret -p 389 -h server.example.com -b "dc=example,dc=com" -s sub "(objectclass=person)" #return entries which use person objectclass
}}} /%


!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]