On Mon, Oct 6, 2008 at 4:28 PM, Hallvard B Furuseth <[EMAIL PROTECTED]> wrote: > Manuel Vacelet writes: >> I'd like to know if it's correct to retrieve several entries from a >> directory in one LDAP query based on the DN. >> I have several group DN: >> cn=marketing,ou=Groups,dc=example,dc=com >> cn=sales,ou=Groups,dc=example,dc=com >> And I'd like to get the entries of all DN in only one query (I >> actually want to get all the members of these groups). >> >> Is it correct/possible to do this or do I have to run one query per DN ? > > Normally one query per DN, since each LDAP operation has one baseDN.
Ok, thanks for the answer (thanks to Emmanuel who replied to me in private too). > Though it may be possible to hack it: Search with > base "ou=Groups,dc=example,dc=com" > filter "(&(your intended filter)(|(cn:dn:=marketing)(cn:dn:=sales)))" > > That finds entries matching your filter which also has "cn=marketing" or > "cn=sales" in the DN. However that means it'd also match e.g. an entry > named cn=sales,cn=Somewhere,cn=Else,ou=Groups,dc=example,dc=com. If limit the scope of my query to "One" this shouldn't happen isn't it ?
