Reputation: 1087
LDAP Queries using Pattern Matching
Is it possible with LDAP queries to filter on patterns similar to Regular Expressions? For example, to find all computer objects with names that match "ABC-nnnnnn" where "n" is a numeric digit and only those with 6-digits?
Upvotes: 1
Views: 10629
Answers (3)
Reputation: 11134
LDAP search filters do not support the concept of pattern matching, but they do support the
concept of ordering. LDAP clients should consult the schema programmatically to determine which ordering rules
are used for attributes, and if an appropriate ordering rule is supported, a combination of
greaterOrEqual and lessOrEqual filter components in a compound filter might work. Whether or
not the results are as expected depends completely on the ordering rules.
For example:
ldapsearch -h hostname -p port \
-b basedn -s scope \
`(&(cn>=abc-000000)(cn<=abc-999999))` attribute_list
As above, whether this returns the expected results depends on the ordering rules. Consult your friendly neightborhood LDAP admin for help with ordering rules and schema.
see also
- LDAP: Protocol search request
- LDAP: Mastering Search Filters
- LDAP: Search best practices
- LDAP: Programming practices
Upvotes: 0
Reputation: 4503
There's no capability to do this aside from the wildcard suggestion.
Upvotes: 0
Reputation: 141588
To my knowledge LDAP only supports wildcards, like:
(CN=ABC-*)
That'll grab anything that starts with ABC-. You would probably have to further filter the results using something else like PowerShell, or programming language of your choice.
Upvotes: 1
Related Questions
- Active Directory Query using LDAP Query in custom search
- How to apply additional search query to LDAP
- LDAP Query the global catalog
- Search over partial,repetable,dn attribute
- Regarding LDAP Search Query
- Active Directory search filter example
- LDAP search using regular expression
- Active Directory Searchable Filters
- Active Directory Custom Search LDAP query
- Generic LDAP base for search?