HP-UX Directory Server Administrator Guide HP-UX Directory Server Version 8.1 (5900-3098, May 2013)

ManualsBrandsHP ManualsSoftwareHP-UX Directory Server

551

552

553

554

555

556

557

558

559

560

The set of attributes returned here can be limited by specifying the attribute names at the end of

the search line. For example, the following ldapsearch command performs both searches but

returns only the DN and the givenname and sn attributes of each entry:

ldapsearch -h mozilla -f searchdb sn givenname

B.2.4.8 Specifying DNs that contain commas in search filters

When a DN within a search filter contains a comma as part of its value, the comma must be

escaped with a backslash (\). For example, to find everyone in the example.com Bolivia,

S.A. subtree, use the following command:

ldapsearch -h mozilla -s base -b "l=Bolivia\,S.A.,dc=example,dc=com" "objectclass=*"

B.2.4.9 Using client authentication when searching

This example shows user bjensen searching the directory using client authentication:

ldapsearch -h mozilla -p 636 -b "dc=example,dc=com" -N "bjensenscertname"

-Z -W certdbpassword -P /home/bjensen/certdb/cert8.db "givenname=Richard"

B.3 LDAP search filters

Search filters select the entries to be returned for a search operation. They are most commonly

used with the ldapsearch command line utility. When using ldapsearch, there can be multiple

search filters in a file, with each filter on a separate line in the file, or a search filter can be specified

directly on the command line.

For example, the following filter specifies a search for the common name Babs Jensen:

cn=babs jensen

This search filter returns all entries that contain the common name Babs Jensen. Searches for

common name values are not case sensitive.

When the common name attribute has values associated with a language tag, all the values are

returned. Thus, the following two attribute values both match this filter:

cn: babs jensen

cn;lang-fr: babs jensen

For a list of all the supported language tags, see Table 85 (page 574).

The basic syntax of a search filter is:

attribute operator value

For example:

buildingname>=alpha

In this example, buildingname is the attribute, >= is the operator, and alpha is the value. Filters

can also be defined that use different attributes combined together with Boolean operators.

Search filters are described in detail in the following sections:

• “Using attributes in search filters” (page 560)

• “Using operators in search filters” (page 561)

• “Using compound search filters” (page 561)

• “Search filter examples” (page 562)

B.3.1 Using attributes in search filters

When searching for an entry, the attributes associated with that type of entry can be specified,

such as using the cn attribute to search for people with a specific common name.

Examples of attributes that people entries include are the following:

• cn for the person's common name.

• sn for the person's surname, last name, or family name.

• telephoneNumber for the person's telephone number.

560 Finding Directory Entries