Reputation: 13
LDAP filter: Can I search for the department number of a client in a multi-valued attribute?
Can I retrieve the department number of a customer out of a multi value attribute? Lets assume that I have a user which can get access to several customers and all the customers have other department structures. So, I want to store these information in a multi value field with the following structure: customer:departmentNumber
Now the example: I would like to retrieve the department number 124 from customer 400, how is this possible? Example of user below:
dn: cn=joe,ou=people,dc=company,dc=com
cn: joe
department number: 300: 1; 400: 124; 108: 25;
I just want to retrieve the 124, nothing else. Is it something like this? departmentNumber=400:*;
Upvotes: 0
Views: 1866
Answers (2)
Reputation: 11216
You cannot retrieve just
departmentnumber: 400: 124
if the user entries contain more than on value for the attribute departmentnumber. LDAP will return all of the values for deparmentnumber for that user entry and you will need to exclude the ones you don't want on the client side.
The best you can do from a retrieval perspective is this...
dn: cn=joe,ou=people,dc=company,dc=com
departmentnumber: 300: 1
departmentnumber: 400: 124;
departmentnumber: 108: 25;
if departmentnumber is multi-valued too you cannot guarantee the sort order.
Upvotes: 0
Reputation: 10996
In the structure shown, you have no method to identify "customer 400".
BTW: "department number" would not be a valid LDAP attribute name.
Not sure what format the structure is in either.
In LDIF format the structure would be more like:
dn: cn=joe,ou=people,dc=company,dc=com
cn: joe
departmentnumber: 300
departmentnumber: 1
departmentnumber: 400
departmentnumber: 124
departmentnumber: 108
departmentnumber: 25
customer: 400
In which case the filter would be:
(&(customer=400)(departmentnumber=400))
If you were using ldapsearch it would look something like:
ldapsearch -D "cn=Administrator" -w secret -p 389 -h dc.company.com -b "ou=people,dc=company,dc=com" -s sub "(&(customer=400)(departmentnumber=400))"
This would return all entries that match the filter "(&(customer=400)(departmentnumber=400))".
If you receive a searchResult, you can be assured that the departmentnumber=400.
You might get more than one result.
-jim
Upvotes: 0
Related Questions
- LDAP Filter in DN-String attribute
- ldap filter to search for multiple values for an attribute
- Filtering returned LDAP attributes by value
- Filtering LDAP returned attributes
- LDAP search with custom attributes filter
- Ldap search for objects where attribute X contains multiple values
- How to use a DN containing commas as the attribute value in an LDAP search filter?
- LDAP: how to create search filters for nested attributes and values?
- LDAP search on multiple fields like an if/else-statement
- Can I search for entries that have *only* certain values in a multi-valued attribute?