235 lines
7.3 KiB
HTML
235 lines
7.3 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
|
|
<meta name="Copyright" content="Copyright (c) 2006 by IBM Corporation">
|
|
<title>ldap_search()--Perform an LDAP Search Operation</title>
|
|
<!-- Begin Header Records ========================================== -->
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<!-- Change History: -->
|
|
<!-- YYMMDD USERID Change description -->
|
|
<!-- Direct1 SCRIPT J converted by B2H R4.1 (346) (CMS) by V2KEA304 -->
|
|
<!-- at RCHVMW2 on 17 Feb 1999 at 11:05:09 -->
|
|
<!-- File Edited April 2001 -->
|
|
<!-- This file has undergone html cleanup on 2/19/02 by JET -->
|
|
<!--End Header Records -->
|
|
<link rel="stylesheet" type="text/css" href="../rzahg/ic.css">
|
|
</head>
|
|
<body>
|
|
<!-- Java sync-link -->
|
|
<script language="Javascript" src="../rzahg/synch.js" type="text/javascript">
|
|
</script>
|
|
|
|
<a name="Top_Of_Page"></a>
|
|
|
|
<h2>ldap_search()--Perform an LDAP Search Operation</h2>
|
|
|
|
<br><div class="box" style="width: 60%;">
|
|
<br>
|
|
Syntax<br>
|
|
<pre>
|
|
#include <ldap.h>
|
|
|
|
int ldap_search(
|
|
LDAP *<em>ld</em>,
|
|
const char *<em>base</em>,
|
|
int <em>scope</em>,
|
|
const char *<em>filter</em>,
|
|
char **<em>attrs</em>,
|
|
int <em>attrsonly</em>)
|
|
</pre>
|
|
|
|
<br>
|
|
Default Public Authority: *USE<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
Library Name/Service Program: QSYS/QGLDCLNT<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
Threadsafe: Yes<br>
|
|
<!-- iddvc RMBR -->
|
|
<br>
|
|
</div>
|
|
|
|
<br>
|
|
<p>The <strong>ldap_search()</strong> function is used to perform an LDAP
|
|
search operation.</p>
|
|
|
|
<p><strong>ldap_search()</strong> is an asynchronous request. A subsequent call
|
|
to <a href="ldap_result.htm">ldap_result()</a> can be used to obtain the
|
|
results from the search.</p>
|
|
|
|
<br>
|
|
|
|
|
|
<h3>Authorities and Locks</h3>
|
|
|
|
<p>No i5/OS authority is required. All authority checking is done by the LDAP
|
|
server.</p>
|
|
|
|
<br>
|
|
|
|
|
|
<h3>Parameters</h3>
|
|
|
|
<dl>
|
|
<dt><em>ld</em></dt>
|
|
|
|
<dd>(Input) Specifies the LDAP pointer returned by a previous call to <a href=
|
|
"ldap_init.htm">ldap_init()</a>, <a href="ldap_ssl_init.htm">
|
|
ldap_ssl_init()</a>, or <a href="ldap_open.htm">ldap_open()</a>.</dd>
|
|
|
|
<dt><em>base</em></dt>
|
|
|
|
<dd>(Input) Specifies the DN of the entry at which to start the search.</dd>
|
|
|
|
<dt><em>scope</em></dt>
|
|
|
|
<dd>(Input) Specifies the scope of the search. It can be <strong>
|
|
LDAP_SCOPE_BASE</strong> (to search the <em>base</em> object itself), or
|
|
<strong>LDAP_SCOPE_ONELEVEL</strong> (to search the <em>base</em> object's
|
|
immediate children), or <strong>LDAP_SCOPE_SUBTREE</strong> (to search the <em>
|
|
base</em> object and all its descendents).</dd>
|
|
|
|
<dt><em>filter</em></dt>
|
|
|
|
<dd>(Input) Specifies a string representation of the filter to apply in the
|
|
search. Simple filters can be specified as attributetype=attributevalue. More
|
|
complex filters are specified using a prefix notation according to the
|
|
following BNF:
|
|
|
|
<pre>
|
|
<filter> ::= '(' <filtercomp> ')'
|
|
<filtercomp> ::= <and> | <or> | <not> | <simple>
|
|
<and> ::= '&' <filterlist>
|
|
<or> ::= '|' <filterlist>
|
|
<not> ::= '!' <filter>
|
|
<filterlist> ::= <filter> | <filter> <filterlist>
|
|
<simple> ::= <attributetype> <filtertype> <attributevalue>
|
|
<filtertype> ::= '=' | '~=' | '<=' | '>='
|
|
</pre>
|
|
|
|
<br>
|
|
<p>The '~=' construct is used to specify approximate matching. The
|
|
representation for <attributetype> and <attributevalue> are as
|
|
described in RFC 2252, "Lightweight Directory Access Protocol (v3): Attribute
|
|
Syntax Definitions." In addition, <attributevalue> can be a single * to
|
|
achieve an attribute existence test, or can contain text and *'s interspersed
|
|
to achieve substring matching.</p>
|
|
|
|
<p> For example, the filter "(mail=*)" will find any entries that have a mail
|
|
attribute. The filter "(mail=*@student.of.life.edu)" will find any entries that
|
|
have a mail attribute ending in the specified string.</p>
|
|
|
|
<p> More complex filters are created using the & and | operators. For
|
|
example, the filter "(&(objectclass=person)(mail=*))" will find any entries
|
|
that have an objectclass of person and a mail attribute. To put parentheses or
|
|
asterisks in a filter, escape them with a backslash '\' character. See RFC
|
|
2254, "A String Representation of LDAP Search Filters," for a more complete
|
|
description of allowable filters.</p>
|
|
</dd>
|
|
|
|
<dt><em>attrs</em></dt>
|
|
|
|
<dd>(Input) Specifies a null-terminated array of character string attribute
|
|
types to return from entries that match <em>filter</em>. If NULL is specified,
|
|
all attributes will be returned.</dd>
|
|
|
|
<dt><em>attrsonly</em></dt>
|
|
|
|
<dd>(Input) Specifies attribute information. <em>Attrsonly</em> should be set
|
|
to 1 to request attribute types only. Set to 0 to request both attributes types
|
|
and attribute values.</dd>
|
|
</dl>
|
|
|
|
<br>
|
|
|
|
|
|
<h3>Return Value</h3>
|
|
|
|
<dl>
|
|
<dt><strong>Message ID of the Operation Initiated</strong></dt>
|
|
|
|
<dd>if the request was successful. A subsequent call to <a href=
|
|
"ldap_result.htm">ldap_result()</a>, can be used to obtain the result.<br>
|
|
<br>
|
|
</dd>
|
|
|
|
<dt><strong>-1</strong></dt>
|
|
|
|
<dd>if the request was not successful.</dd>
|
|
</dl>
|
|
|
|
<br>
|
|
|
|
|
|
<h3>Error Conditions</h3>
|
|
|
|
<p>If <strong>ldap_search()</strong> is not successful, -1 will be returned
|
|
setting the session error(<em>ld_errno</em>) parameters in the LDAP structure
|
|
appropriately. See <a href="ldap_error_condt.htm">LDAP Client API Error
|
|
Conditions</a> for possible values for the error codes. Use <a href=
|
|
"ldap_get_errno.htm">ldap_get_errno()</a> to obtain the error code <em>
|
|
ld_errno</em>.</p>
|
|
|
|
<br>
|
|
|
|
|
|
<h3>Error Messages</h3>
|
|
|
|
<p>The following message may be sent from this function.</p>
|
|
|
|
<table width="100%" cellpadding="3">
|
|
<tr>
|
|
<th align="left" valign="top">Message ID</th>
|
|
<th align="left" valign="top">Error Message Text</th>
|
|
</tr>
|
|
|
|
<tr>
|
|
<td width="15%" valign="top">CPF3CF2 E</td>
|
|
<td width="85%" valign="top">Error(s) occurred during running of ldap_search
|
|
API.</td>
|
|
</tr>
|
|
</table>
|
|
|
|
<br>
|
|
<br>
|
|
|
|
|
|
<h3>Related Information</h3>
|
|
|
|
<ul>
|
|
<li><a href="ldap_result.htm">ldap_result()</a> -- Retrieve result of an
|
|
asynchronous LDAP operation.</li>
|
|
|
|
<li><a href="ldap_search_s.htm">ldap_search_s()</a> -- Synchronously search the
|
|
directory.</li>
|
|
|
|
<li><a href="ldap_search_ext.htm">ldap_search_ext()</a> -- Asynchronously
|
|
search the directory with controls.</li>
|
|
|
|
<li><a href="ldap_search_ext_s.htm">ldap_search_ext_s()</a> -- Synchronously
|
|
search the directory with controls.</li>
|
|
|
|
<li><a href="ldap_search_st.htm">ldap_search_st()</a> -- Synchronously search
|
|
the directory with timeout.</li>
|
|
</ul>
|
|
|
|
<hr>
|
|
API introduced: V4R3
|
|
|
|
<hr>
|
|
<table align="center" cellpadding="2" cellspacing="2">
|
|
<tr align="center">
|
|
<td valign="middle" align="center"><a href="#Top_Of_Page">Top</a> | <a href=
|
|
"dirserv1.htm">LDAP APIs</a> | <a href="aplist.htm">APIs by
|
|
category</a></td>
|
|
</tr>
|
|
</table>
|
|
</body>
|
|
</html>
|
|
|