Mohnish G j
2013-May-17 09:43 UTC
Optimize LDAP Active Directory search filter query for user email using a substring
In my Rails 3.2.11 app(using ruby 1.9.3-p327) I''m trying to search for
users in AD LDAP by their email.
I am using net-ldap 0.2.2 gem .
The current filter that I''m using is:-
filter = Net::LDAP::Filter.eq( "mail", "*#{str}*")
Here "str" basically refers to a part of a user''s email.
Now this filter will search for entries irrespective of whether its a
group or an actual user in the organisation. **I don''t want it to
search
for group email id''s when doing search for a user record**.
One more thing that I observed is that since I am searching for a
substring, the query is taking longer. If I only search for the trailing
part of the string(pls refer code below) the query returns faster.
filter = Net::LDAP::Filter.eq( "mail", "#{str}*")
Since certain user emails are in the format
lastname.firstname-//Bz/+gSJx1BDgjK7y7TUQ@public.gmane.org , I thought I would
need to use a sub
string search for better results.
I queried LDAP to get separate entry records for a user and a group to
see what could be used as a differentiator in my filter search. I found
that the objectcategory attribute is different wrt a user and a group.
Here''s a sample output of the objectcategory attribute for
a) group
:objectcategory=>["CN=Group,CN=Schema,CN=Configuration,DC=xxx,DC=yyy"]
b) user
:objectcategory=>["CN=Person,CN=Schema,CN=Configuration,DC=xxx,DC=yyy"]
I read about using join filters from the [net-ldap documenation][1]
Based on the above link the filter I would be using is:-
x = Net::LDAP::Filter.eq( "mail", "*mohn*") . This gives
me all
email ids that have "mohn" as a substring .
y = Net::LDAP::Filter.eq( "objectcategory", "*Person*").
I know for
sure somewhere this filter query is incorrect, but how can I change this
to an appropriate search filter for objectcategory ?
I''m using a join on the two filters:-
filter = Net::LDAP::Filter.join(x, y)
How can I change the filter query "y" to give me faster search results
?
Also, I''m not sure if scope option as part of the [search method][2]
can
help me further optimize my query. Can you please throw some light on
the usage of this as well ?
Thanks.
[1]: http://net-ldap.rubyforge.org/Net/LDAP/Filter.html
[2]: http://net-ldap.rubyforge.org/Net/LDAP.html
--
Posted via http://www.ruby-forum.com/.
--
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org
To view this discussion on the web visit
https://groups.google.com/d/msgid/rubyonrails-talk/0817c0b9264b313c801c31f644dc87e4%40ruby-forum.com?hl=en-US.
For more options, visit https://groups.google.com/groups/opt_out.