Re: Search issue (objectclass=person) (Possible dupe email)

[Howard Chu <hyc@symas.com>]

Tuc wrote:
> On 2014-05-16 13:02, Howard Chu wrote:
> > Michael StrÃder wrote:
> > > Tuc wrote:
> > > > Is there some way I can modify the query to only get ones that
> > > > would look like :
> > > >
> > > > dn: uid=tuc,ou=People,dc=example,dc=com
> > > > objectClass: radiusprofile
> > > > objectClass: pwmUser
> > > > objectClass: top
> > > > VVVVVVVVVVVVVVVVVVV
> > > > objectClass: person
> > > > ^^^^^^^^^^^^^^^^^^^
> > > > objectClass: posixAccount
> > > > objectClass: organizationalPerson
> > > > objectClass: inetOrgPerson
> > >
> > > I think there's a misunderstanding on your side:
> > > If an entry has 'inetOrgPerson' as its structural object class it
> > > also has
> > > object classes 'organizationalPerson' and 'person' no matter whether
> > > those
> > > attributes values were added to attribute 'objectClass'.
> >
> > But you could, of course, filter on
> > (&(objectclass=person)(!(objectclass=inetorgperson))) if you wanted.
> >
> > > You should try to describe what you really want to finally achieve.
>
>
> If I do that filter on my ou=People, I get nothing. If I do it on our
> base DN,I actually end up with all our service accounts.

Sounds like exactly what the filter should do. To get just the people, invert 
the filter again. If you don't understand boolean logic, you need more help 
than you should expect from this list.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/