Uncle Hildegard wrote:
I have a DIT that contains objects like this:
uid=test,ou=user,ou=sales,o=Testcompany
Now I want to find out all objects that have "sales" in their DN.
Try out the filter (ou:dn:=sales)
"entryDN": ldapsearch -x "(entryDN=*sales*)" cn That search didn't find anything.
After that I tried ldapsearch -x "(entryDN=uid=test,ou=user,ou=sales,o=Testcompany)" cn and got the expected result.
Now it seems that as soon as I use a wildcard in the filter argument the search returns nothing. Even ldapsearch -x "(entryDN=uid=test,ou=user,ou=sales,o=Testcompan*)" cn returns nothing.
entryDN is of LDAP syntax Distinguished Name (1.3.6.1.4.1.1466.115.121.1.12) for which substring matching does not work just like for Directory String. Look into the server's subschema subentry to find the applicable matching rules.
On my OpenLDAP server these are: distinguishedNameMatch, dnOneLevelMatch, dnSubordinateMatch, dnSubtreeMatch, dnSuperiorMatch
I've also tried things like ldapsearch -x "(entryDN:dnSubtreeMatch:=*sales*)" cn which returned no result either.
This should be
(entryDN:dnSubtreeMatch:=ou=user,ou=sales,o=Testcompany)
Ciao, Michael.