LDAP Query String Characters and Examples

Special characters can be used in LDAP queries when defining LDAP containers.

Special Character    Meaning

*    Wild card character. Matches zero or more of any character.

&    Logical AND. Returns resources that satisfy the first string AND the second string.

     Place this special character to the left of the first query string, then enclose the entire expression in parentheses, as follows:

          (&(string1)(string2))

|    Logical OR. Returns resources that satisfy the first string OR the second string.

     Place this special character to the left of the first query string, then enclose the entire expression in parentheses, as follows:

          (|(string1)(string2))

!    NOT. This means that you want all resources that do NOT match the specified value.

     Place this special character to the left of the query string to which it applies, inside of the parentheses:

          (!(string))

Examples

The following are examples of LDAP query strings:
  • The following query returns all resources that have sn attribute values beginning with “s”:
          (sn=s*)
  • The following query returns all resources that have sn attribute values beginning with “s” or “p”:
          (|(sn=s*)(sn=p*))
  • The following query returns all resources with carlicense attribute values equal to “Full” and employeetype attribute values equal to “Permanent”:
          (&(carlicense=Full)(employeetype=Permanent))
  • The following query returns all resources where sn attribute values don’t start with “s” and don’t start with “p”:
          (&(!(sn=s*))(!(sn=p*)))
Note: Depending on the specific LDAP Server being used, the query syntax can vary. If the syntax described above does not return the expected results, consult the documentation for your LDAP Server.

Note that the values in a particular LDAP attribute may not be consistent across different LDAP Servers.
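
The four example queries above, evaluated by a small Python filter matcher against constructed directory entries. This is an added example, not part of the original page or of any LDAP server; the entries, the function names parse, evaluate and search, and case-insensitive value matching are assumptions.

```python
import re

# Constructed sample entries (attribute names lower-cased, values as lists).
ENTRIES = [
    {"cn": ["smith"], "sn": ["Smith"], "carlicense": ["Full"], "employeetype": ["Permanent"]},
    {"cn": ["patel"], "sn": ["Patel"], "carlicense": ["Full"], "employeetype": ["Contract"]},
    {"cn": ["jones"], "sn": ["Jones"], "carlicense": ["Provisional"], "employeetype": ["Permanent"]},
    {"cn": ["stone"], "sn": ["Stone"], "carlicense": ["Provisional"], "employeetype": ["Permanent"]},
]

def parse(f, i=0):
    """Parse one parenthesised filter starting at f[i]; return (node, next index)."""
    if f[i] != "(":
        raise ValueError(f"expected '(' at position {i}")
    i += 1
    if f[i] in "&|":                      # operator sits left of its operands
        op, kids, i = f[i], [], i + 1
        while f[i] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        node = (op, kids)
    elif f[i] == "!":                     # NOT applies to exactly one filter
        kid, i = parse(f, i + 1)
        node = ("!", [kid])
    else:                                 # simple item: attribute=value
        end = f.index(")", i)
        attr, _, value = f[i:end].partition("=")
        node = ("=", attr.lower(), value)
        i = end
    if f[i] != ")":
        raise ValueError(f"expected ')' at position {i}")
    return node, i + 1

def evaluate(node, entry):
    if node[0] == "=":
        # '*' matches zero or more characters; everything else is literal.
        rx = ".*".join(re.escape(part) for part in node[2].split("*"))
        return any(re.fullmatch(rx, v, re.IGNORECASE) for v in entry.get(node[1], []))
    op, kids = node
    results = [evaluate(k, entry) for k in kids]
    return all(results) if op == "&" else any(results) if op == "|" else not results[0]

def search(flt, entries=ENTRIES):
    """Return the cn of every entry that satisfies the filter string."""
    try:
        node, end = parse(flt)
    except IndexError:
        raise ValueError("unbalanced parentheses in filter") from None
    if end != len(flt):
        raise ValueError("trailing characters after filter")
    return [e["cn"][0] for e in entries if evaluate(node, e)]
```

An entry that lacks the attribute named in an item simply does not match that item here; as the note above says, a real server's behaviour can differ.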