问题
is there a way I could search on LDAP using a regular expression for a field? I am using ldapsearch or "Sun Java System Directory Server control center" for the search.
回答1:
The answer is NO you can't. Why ?
Because the LDAP standard describes an LDAP-SEARCH as kind of function with 4 parameters :
- The nod where to begin the search which is a Distinguished Name (DN)
- The attributes you want to be brought back
- The depth of the search (base, one-level, subtree)
- The filter.
You are interested in the filter.
MSDN Syntax Documentation
LDAP Explorer Documentation
Beyond the syntax
The thing you must understand, is that operators between attributes and values and wildcard inside values, interact with the matching rules which are part of the SCHEMA of your Directory. In ex Sun Directory (now oracle) each attribute can be setup with three matching rules (equality, ordering, substring).
回答2:
LDAP supports 'substring' searches, which are not quite the same thing as wildcards. Examples of substring filters are '(uid=abc*)' and '(mail='john@*.com')' and so forth.
It is usually wise to contact your directory services administrator and ask for any attributes you intend to use in the filter to be indexed for substring searches. Professional LDAP servers support substring searches, and in order for the searches to be indexed, a minimum number of characters may need to be specified. For example, if the server is the Sun Directory Server (Sun ONE, DSEE, or SJS DS), two characters are required before the '*' character in a filter before indexes become effective, like '(mail=ab*)' might use indexes, whereas '(mail=a*)' might not use indexes.
回答3:
The LDAP protocol, in a fashion similar to SQL, supports basic wildcard matching but not Regular Expressions.
来源:https://stackoverflow.com/questions/6293231/ldap-search-using-regular-expression