Regarding LDAP Search Filter
 

I have a question regarding LDAP search. Suppose i want to search a number say "123" and if LDAP has entries like "123#" or "1-2-3" what should be the LDAP Search filter which needs to be provided. I tried "*123*" but it doesnt work in case of "1-2-3".

If your LDAP records are searchable then you would need to use something along these lines:To properly search your LDAP records you will need to make sure that all authenticated users can read all records otherwise you will not be able to search the records properly.

Ya i am aware we can search this way. But the problem is the series of digits nor the number of digits are not fixed!!

Additionally, your logic will not work because if the Search filter is say "*1*2*3" as you say, then if there's a number "19253" in LDAP DB , then this number will be returned as matching the search criteria even though that's not remotely matching the input number "123" :)

To make things more clear, this is what is required from the LDAP search

1> DB contains 1-2-3 , Input is 123, then it should match this
2>DB Contains 19253 , Input is 123, then it should not match

Yes, that does make a difference in the type of search you are doing.

Above are some examples of typical LDAP search filters. Depending on what you are searching for then it will depend on the criteria that you need to provide. And as stated before any search that is is structured with the wild card * should return any result that contains anything so searching for the following strings:
I only pointed out the search ability of your LDAP records as I, like many, have over looked that aspect and was only attempting to assist. The lack of information provided in your original post only allows one to post points and provide possible options but they are limited by the amount of information provided.

Here is a link to some Microsoft provided LDAP information as it does provide a little information on how to structure your searches.

http://msdn.microsoft.com/en-us/libr...=vs.85%29.aspx

and for even more reference material on how to search LDAP take a look at the following

http://linux.die.net/man/1/ldapsearch

http://www.centos.org/docs/5/html/CD...dapsearch.html

Thanks. However my requirement is very simple.

Input string is dynamic.

Lets say 123 is the input string and DB has 10203 , 19293 , 1-2-3 , 123 . Then Search should return only 1-2-3 and 123.

The only thing which is fixed here is that the input will always be numbers and db will also contain numbers only.

I tried using approx(id ~= 123) but it returns all the 4 entries in db.Maybe i need to add an extra filter to it with & to filter it down further..Any ideas?

There might be a slight communication error going on. When you say DB are you referring to your LDAP Records, or are your referring to a MySQL Database. Typically DB is used for MySQL and records or LDIF is the file structure for LDAP. The reason I ask this is to be able to narrow down your search would be to identify the field that you are trying to search.

For LDAP if you are trying to find say an address then you would use something like so:

ldapsearch -LLL -s one -b "c=US" "(o=University*)" o streetAddress

If my LDAP structure was c=us,dc=warezwaldo,dc=us and under the countries I had the following Orginizations: College, University, Community College, Tech Schools, and under each of these where states, and under the states were cities. The above search would then search all of the records under the US node for any entry with University in the name at the start of its name.

So your wish to run a search for 123 as simple as it sounds needs more explanation as to what you are trying to search for with in the LDAP records. Whether you are creating an app for users to input the search criteria or if you are trying to write a CLI script to automate tasks if oyu search for sn=123 you will only get the results that match your search. If you are trying to get a range then you could use some like sn=sn* this would give you results for anything in the sn group that starts with sn.



Now if the misunderstanding is that you are attempting to search a MySQL database then you could try something like this: select * from 'users' where id = '123'; this will only return the results for the one entry with id of 123. If you are not sure what you are looking for then you would use something like so: select * from 'users' where id like '%123'

Sorry. What i meant to say was LDAP BDB not my SQL.

The structure of Records in LDAP are Name and Number. There is only one Organization.Its basically an app for user to get a name based on Number inputted(Kind of like a mobile phonebook).

Lets consider the following simple structure of LDAP records.

Name/Number
a/123
b/1-2-3
c/19293

Now if i enter an input from the app as 123, then i should be able to get the Names "a,b".

If my Search Filter is as you say (o=*123*), then it fetches only "a". It ignores "b" eventhough its valid as well.
If my Search Filter is (o ~= 123)then it fetches a,b,c. However c is no where close to what is required.

As far as i saw on web, there doesn't seem to be a direct search filter for getting this kind of search result.

ok, that makes much more sense.

Yeah there is no direct way to do what you want without using multiple filters. You could structure an for loop to run through the LDAP returned values and do a string compare on the 2 values. This would allow you to structure your output as you are wanting.


sorry if that doesn't help

Thanks .let me check!