Uncle Hildegard wrote: > I have a DIT that contains objects like this: > > uid=test,ou=user,ou=sales,o=Testcompany > > Now I want to find out all objects that have "sales" in their DN. Try out the filter (ou:dn:=sales) > "entryDN": > ldapsearch -x "(entryDN=*sales*)" cn > That search didn't find anything. > > After that I tried > ldapsearch -x "(entryDN=uid=test,ou=user,ou=sales,o=Testcompany)" cn > and got the expected result. > > Now it seems that as soon as I use a wildcard in the filter argument the > search returns nothing. > Even > ldapsearch -x "(entryDN=uid=test,ou=user,ou=sales,o=Testcompan*)" cn > returns nothing. entryDN is of LDAP syntax Distinguished Name (1.3.6.1.4.1.1466.115.121.1.12) for which substring matching does not work just like for Directory String. Look into the server's subschema subentry to find the applicable matching rules. On my OpenLDAP server these are: distinguishedNameMatch, dnOneLevelMatch, dnSubordinateMatch, dnSubtreeMatch, dnSuperiorMatch > I've also tried things like > ldapsearch -x "(entryDN:dnSubtreeMatch:=*sales*)" cn > which returned no result either. This should be (entryDN:dnSubtreeMatch:=ou=user,ou=sales,o=Testcompany) Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature