Tobias
Reputation: 11
OR in LDAP filter not working as expected
I'm using Authentik's LDAP provider and am trying to create a filter which returns both users and groups. This lead me to the following filter:
(|(objectClass=posixAccount)(objectClass=posixGroup))
However this query only returns posixGroups. But when I use the following filter:
(|(objectClass=posixGroup)(objectClass=posixAccount))
only posixAccounts are returned.
I thought this or operation was supposed to actually act as an or. So either I'm really missing something or there's an issue with Authentik's LDAP implementation.
Additional context: objectClass in this case (and I believe most implementations) is an attribute which appears multiple times, so maybe there's something I'm missing there.
Upvotes: 1
Views: 87
Answers (0)
Related Questions
- What are CN, OU, DC in an LDAP search?
- Ldap "&(uniquemember=cn=customer,cn=Groups,dc=uk,dc=mysitexxx,dc=com)(objectclass=groupofuniquenames))" , what does the filter mean?
- Find users of security group with django-python3-ldap
- How to apply additional search query to LDAP
- What are the differences between LDAP and Active Directory?
- LDAP multiple structural objectclasses
- Import Users From LDAP to Liferay
- LDAP Bad Search Filter