07.03.23 21:50, Clément OUDOT пише:
Le 07/03/2023 à 06:58, forumforeign a écrit :
06.03.23 19:14, Clément OUDOT пише:
Le 06/03/2023 à 16:13, forumforeign a écrit :
'(&(objectClass=organizationalRole)(cn=developer)(uid=user1,ou=people,dc=domain,dc=com))'
RoleOccupant
'(&(objectClass=organizationalRole)(cn=developer)(uid=user1,ou=people,dc=domain,dc=com))'
'(&(objectClass=organizationalRole)(cn=developer)(uid=user1*))'
RoleOccupant
How I can change filter, that check if user1 belong to group
developer?
Use
'(&(objectClass=organizationalRole)(cn=developer)(roleOccupant=user1,ou=people,dc=domain,dc=com))'
, it will return one entry if user is member of the
group"cn=developer", and no entry else.
Unfortunately it also doesn't work:
$ openldapsearch -v -H ldaps://<ldap_host> -x -b 'dc=domain,dc=com'
-W -D "cn=vmail,ou=services,dc=domain,dc=com"
'(&(objectClass=organizationalRole)(cn=developer)(roleOccupant=user1,ou=people,dc=domain,dc=com))'
RoleOccupant
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <dc=domain,dc=com> with scope subtree
# filter:
(&(objectClass=organizationalRole)(cn=developer)(roleOccupant=user1,ou=people,dc=domain,dc=com))
# requesting: RoleOccupant
#
# search result
search: 2
result: 0 Success
# numResponses: 1
Also, I have tried (without RoleOccupant at the end)
$ openldapsearch -v -H ldaps://<ldap_host> -x -b 'dc=domain,dc=com'
-W -D "cn=vmail,ou=services,dc=domain,dc=com"
'(&(objectClass=organizationalRole)(cn=developer)(roleOccupant=user1,ou=people,dc=domain,dc=com))'
There was a typo in the filter, the attribute of the RDN was missing :
'(&(objectClass=organizationalRole)(cn=developer)(roleOccupant=uid=user1,ou=people,dc=domain,dc=com))'
Thank you! It works.
