
LDAP backend filtering



Hi everybody,

I'm quite new to OpenLDAP and I'm currently trying to find a solution for the following problem:

To populate an address book I need to read users and some attributes from an Active Directory. I need to map several attributes to a new attribute name. More importantly, I need to filter on active users and skip the disabled ones. My address book application is not able to do this; it can simply query the whole AD.

My idea was to use OpenLDAP as some kind of proxy between the application and the AD. I've set up OpenLDAP with the following configuration:

database ldap
suffix  "dc=xxxx,dc=local"
uri  "ldap://192.168.50.1"
rebind-as-user
protocol-version 3
overlay rwm
rwm-map attribute uid samaccountname
rwm-map attribute address street

This works perfectly for getting the data out of the AD and remapping the attribute names.
Unfortunately I wasn't able to restrict the results to active users. The query string which does this looks like this:

"(&(objectClass=User)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"

Can anyone please point me in the right direction on how I can set this as a filter towards the AD to only get back the results matching this filter?

Thanks a lot to everyone for your help!
Michael
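The result set the post asks the proxy to return, modelled offline as an added example (not part of the original message and not OpenLDAP code): it applies the filter's bitwise-AND matching rule and the two rwm-map renames to constructed entries. The entry data and all function names are assumptions made for illustration.

```python
# Added illustration; SAMPLE is constructed, not output from a real directory.
BIT_AND = "1.2.840.113556.1.4.803"   # matching rule OID from the post's filter
ACCOUNTDISABLE = 0x2                 # the value 2 the filter tests for
FILTER = f"(&(objectClass=User)(!(userAccountControl:{BIT_AND}:=2)))"

# rwm-map lines from the post: local (client-facing) name -> remote (AD) name
RWM_MAP = {"uid": "samaccountname", "address": "street"}

def _get(entry, name):
    """Return the values of an attribute; LDAP attribute names are case-insensitive."""
    for key, values in entry.items():
        if key.lower() == name.lower():
            return values
    return []

def bit_and_match(entry, attr, mask):
    """True when every bit of mask is set in some value of attr."""
    return any(int(v) & mask == mask for v in _get(entry, attr))

def is_active_user(entry):
    """Evaluate FILTER against one entry."""
    is_user = any(v.lower() == "user" for v in _get(entry, "objectClass"))
    # Assumption: with no userAccountControl value the inner item is FALSE,
    # so its negation is TRUE and the entry is kept.
    return is_user and not bit_and_match(entry, "userAccountControl", ACCOUNTDISABLE)

def remap(entry):
    """Rename remote attribute names to local ones, as the mapping does for results."""
    remote_to_local = {remote: local for local, remote in RWM_MAP.items()}
    return {remote_to_local.get(k.lower(), k): v for k, v in entry.items()}

def address_book(entries):
    """Entries the address book should see: active users only, with local names."""
    return [remap(e) for e in entries if is_active_user(e)]

SAMPLE = [
    {"objectClass": ["top", "person", "user"], "sAMAccountName": ["alice"],
     "street": ["1 Main St"], "userAccountControl": ["512"]},    # normal account
    {"objectClass": ["top", "person", "user"], "sAMAccountName": ["bob"],
     "street": ["2 Side St"], "userAccountControl": ["514"]},    # 512 + disabled bit
    {"objectClass": ["top", "person", "user"], "sAMAccountName": ["carol"],
     "street": ["3 High St"], "userAccountControl": ["66048"]},  # enabled, extra flag
    {"objectClass": ["top", "person", "user"], "sAMAccountName": ["dave"],
     "street": ["4 Low St"], "userAccountControl": ["66050"]},   # 66048 + disabled bit
    {"objectClass": ["top", "group"], "sAMAccountName": ["staff"]},  # not a user
]

if __name__ == "__main__":
    for person in address_book(SAMPLE):
        print(person["uid"][0], person["address"][0])
```
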