-------- Original Message --------
Subject: Re: [LDAP-interop] LDAPv3 NOT search filter behavior
Resent-Date: Fri, 1 Jul 2005 17:33:29 +0000 (GMT)
Resent-From: richm(a)stanfordalumni.org
Date: Fri, 01 Jul 2005 12:33:26 -0500
From: Benjamin Lewis <bhlewis(a)purdue.edu>
To: richm(a)stanfordalumni.org, OpenLDAP interoperability list
<ldap-interop(a)fini.net>
CC: quanah(a)stanford.edu
On July 1 2005, Rich Megginson wrote:
What happens if you specify the uid attribute to be returned?
The uid attribute is returned for those entries that have one.
ldapsearch "(!(uid=quanah))" uid
? Does it return only those entries that have a uid attribute? Does
OpenLDAP omit entries from the search results that match the search
filter but do not contain the attribute listed in the attribute list in
the search request?
No. You might use something like '(&(uid=*)(!(uid=quanah)))' to
return only the entries that have a uid attribute. It would probably
be better to use objectClass to restrict the search to the type of
objects you're looking for. Perhaps something like
'(&(objectclass=posixAccount)(!(uid=quanah)))'.
-Ben
--
Benjamin Lewis <bhlewis(a)purdue.edu>
Security Analyst, Identity and Access Management
IT Security and Privacy
Purdue University