[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
ldap filter question
- To: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
- Subject: ldap filter question
- From: Mik J <mikydevel@yahoo.fr>
- Date: Tue, 2 Oct 2012 14:07:13 +0100 (BST)
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.fr; s=s1024; t=1349183233; bh=MicEdGE4cZK9eKuQmAHEgZHI/l6tU+dovoMav+Wd5DE=; h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=Pp2fP0pTYm5+ZAuTT1Fuh1PIbEhPBXlz2q4RVGWZxvAHEyJVZiVPfkjgY3/nGBMhU+JaB45/dWlMEKDKz8xK8Ybxwv5WpbR4H++hlkWFH39YLAZL/W1chbiEvQsr9iEvS++62kij9NGBciaL88Gy/jnwxcNbUabB1urX+FSyfEQ=
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.fr; h=X-YMail-OSG:Received:X-Mailer:Message-ID:Date:From:Reply-To:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=4HSR6mI739Atu/eFY3HB3V3Sw283WMcjQHaeE5dXhFJyryzwwV5aBgEaGr6whyRurjvNzf+uvz2mAIq/dF5NY7Fi3RAotCA3waRSliRo3a7gAUucqnUxP2Ijw3Zx8pqKy6Pnll9us2hlpbfMK+92VQT+ReznbXMWFcyJoQrobeM=;
Hello,
I have made some tests with the filter option and had this rule that working
access to dn.subtree="dc=mycompany,dc=org" filter=(!(|(o=Company2)(o=Company3)))
by dn="uid=user1,ou=people,dc=mycompany,dc=org" read
by * break
Users from Company 1 and 4 are displayed
But this rule is not exactly what I need. I wrote a negative condition and I would like this condition to be positive.
I tried this rule:
access to dn.subtree="dc=mycompany,dc=org" filter=(|(o=Company1)(o=Company4))
by dn="uid=user1,ou=people,dc=mycompany,dc=org" read
by * break
The ldap search query returns no entry whereas I expected it to return the list of users Companies 1 and 4
# ldapsearch -x -W -D uid=user1,ou=people,dc=mycompany,dc=org -b "ou=people,dc=mycompany,dc=org"
Does someone have an idea about what's wrong with my rule ?