Reputation: 347
Better way to query an LDAP users via ruby net-ldap?
Is there a better way to search for users and computers specifically using the Net-ldap gem?
Here is what I am currently having to do to get only users.
results = search :base => @base, :filter => Net::LDAP::Filter.eq("cn", "*")
@results = Array.new
results.each do |result|
@results.push result if result[:objectclass].include? "person" unless result[:objectclass].include? "computer"
Seems like there would be a better way. I can't see anything obvious in the documentation.
Upvotes: 3
Views: 4491
Answers (2)
Reputation: 2085
You can use the Join filter functionality of net-ldap:
filter = Net::LDAP::Filter.eq("sAMAccountName", "*")
filter2 = Net::LDAP::Filter.eq("objectCategory", "organizationalPerson")
joined_filter = Net::LDAP::Filter.join(filter, filter2)
ldap.search(:base => treebase, :filter => joined_filter) do |entry|
puts entry.sAMAccountName
end
Upvotes: 5
Reputation: 11132
If you know the objectClass that is used for persons, you could use the filter '(objectClass=person)', replacing 'person' with the objectClass. Most implementations will use 'person' or an objectClass that inherits from 'person' such as 'inetOrgPerson'. Using the filter '(cn=*)' will most likely get entries that are not persons.
Try using Filter.eq("objectClass","person")
Upvotes: 2
Related Questions
- Ruby net-ldap add user
- net-ldap credentials error due to simple vs generic method
- net-ldap create user with password
- Search for "Enabled" users in net-ldap for Ruby
- LDAP Query to get users based on attributes
- net-ldap authentication format in rails?
- LDAP through Ruby or Rails
- ActiveLdap find users by attribute
- Ruby - AD/LDAP auth - read user details
- Rails LDAP login using net/ldap