Rich Megginson
2005-Jul-01 17:53 UTC
[Fedora-directory-users] [Fwd: Re: [LDAP-interop] LDAPv3 NOT search filter behavior]
-------- Original Message -------- Subject: Re: [LDAP-interop] LDAPv3 NOT search filter behavior Resent-Date: Fri, 1 Jul 2005 17:33:29 +0000 (GMT) Resent-From: richm@stanfordalumni.org Date: Fri, 01 Jul 2005 12:33:26 -0500 From: Benjamin Lewis <bhlewis@purdue.edu> To: richm@stanfordalumni.org, OpenLDAP interoperability list <ldap-interop@fini.net> CC: quanah@stanford.edu On July 1 2005, Rich Megginson wrote:> What happens if you specify the uid attribute to be returned?The uid attribute is returned for those entries that have one.> ldapsearch "(!(uid=quanah))" uid > ? Does it return only those entries that have a uid attribute? Does > OpenLDAP omit entries from the search results that match the search > filter but do not contain the attribute listed in the attribute list in > the search request?No. You might use something like ''(&(uid=*)(!(uid=quanah)))'' to return only the entries that have a uid attribute. It would probably be better to use objectClass to restrict the search to the type of objects you''re looking for. Perhaps something like ''(&(objectclass=posixAccount)(!(uid=quanah)))''. -Ben -- Benjamin Lewis <bhlewis@purdue.edu> Security Analyst, Identity and Access Management IT Security and Privacy Purdue University