Date: Sun, 18 Jan 2009 22:32:50 -0600 From: Dan Nelson <dnelson@allantgroup.com> To: Jay Hall <jhall@socket.net> Cc: freebsd-questions@freebsd.org Subject: Re: ldapsearch question Message-ID: <20090119043250.GB45931@dan.emsphone.com> In-Reply-To: <C73DF42B-1235-4671-B9D0-FC112C4D9504@socket.net> References: <C73DF42B-1235-4671-B9D0-FC112C4D9504@socket.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Jan 18), Jay Hall said: > I am running the following against an Active Directory server. > > ldapsearch -D "cn=admin_user,cn=users,dc=xx,dc=com" -x -w "password" - > h 10.129.10.42 -p 3268 -b 'dc=abc,dc=com' -s sub > '(!(objectclass=computer))' '(!(mail=*))' dn mail > > I am trying to return only objects for which the mail attribute is > defined. I think my search is incorrect, and I am searching for the > mail attribute being null. Your search filter is currently (!(objectclass=computer)) , and you are asking for the attributes (!(mail=*)), dn, and mail to be returned. I think you want this: '(&(!(objectclass=computer))(mail=*))' i.e. (objectclass isn't computer) AND (mail attribute is present). http://tools.ietf.org/html/rfc2254 -- Dan Nelson dnelson@allantgroup.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090119043250.GB45931>