[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Fwd: ldapsearch using entryCSN
> Hi,
>
> I'm trying to search entries in an OpenLDAP (v2.4.7) directory using their
> last modification date as a criteria.
"modifyTimestamp"?
> Digging in the schemas, I couldn't
> find an attribute that contained such a value. The only thing I found was
> the internal attribute "entryCSN" used by OpenLDAP to manage
> synchronization.
>
>
>
> I tried to do several ldapsearch queries, but I couldn't manage to obtain
> a
> decent result.
>
> Using "(&(objectClass=groupOfUniqueNames))"
> => I get every group of the directory. I can see that lots of them were
> modified in 2009
>
> Related problem :
> Using "(&(objectClass=groupOfUniqueNames)(entryCSN<=20091224))"
> => The slapd2.4 process stops without returning anything.
>
> Using "(&(objectClass=groupOfUniqueNames)(entryCSN <= 20091224))"
> (The same query with spaces)
> => I don?t get any result. Shouldn't I retrieve the entries modified
> before
> 2010/12/24 ?
>
> Using "(&(objectClass=groupOfUniqueNames)(entryCSN >= 20091224))"
> => I don?t get any result. Shouldn't I retrieve the entries modified after
> 2010/12/24 ?
>
>
>
> - Does anyone know how to filter entries using their entryCSN?
> - Btw, is it even possible?
It is; it uses the csnOrderingMatch rule. However, to use that rule, you
need to provide a valid CSN assertion value, and yours isn't. A CSN is
something like
YYYYmmddHHMMSS.uuuuuuZ#SSSSSS#SID#ssssss
See <http://www.openldap.org/faq/data/cache/1145.html> for a description
of the syntax. Your search would be
(entryCSN>=20091224000000.000000Z#000000#000#000000)
You can specifically select modifications related to a single server by
using the CSNSIDMatch rule, e.g.
'(&(entryCSN>=20091224000000.000000Z#000000#000#000000)(entryCSN:CSNSIDMatch:=002))'
only evaluates entryCSN whose SID is 002 (the SID portion is not evaluated
in the CSNOrderingMatch rule).
p.