Contextless LDAP Query

Articles and Tips: qna

01 Nov 2002

Q.

Is there a way to perform a contextless LDAP query? Our IS department would like to be able to perform an LDAP query in order to obtain a user's full name without knowing the user's fully Distinguished Name. Is this possible?

Querying in Quebec

A.

Dear Querying: In a sense you can do what you are asking. In LDAP, you define a search base, such as ou=users,o=uga. Then you define a scope--for example, base, one, and sub.

• Base= search the object specified by the base only

• One= search the container specified by the base only

• Sub= search the container specified by the base and all subtrees of that container.

So, if you have users all over the directory tree, you could specify a base o=acadiau with a search scope of sub and find everything in the tree. The filter would look like (cn=username).

Of course, if the replicas of this data aren't on the server you query, it will need to tree-walk to find them, which may lead to a performance hit. In summary, the LDAP query set your base context to the topmost OU that contains users and you should be able to access the user's object without knowing their context.

* Originally published in Novell AppNotes

---

Disclaimer

The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.

• Feedback
• Print
  •  
  • Full
  • Simple
•  
• Request a Call
• Follow Us
  •  
  • Facebook
  • YouTube
  • Twitter
  • LinkedIn
  • Newsletter Subscription
  • RSS