- Contents
Interaction Designer Help
Search Entries
This LDAP tool queries a specified portion of an LDAP Directory Information Tree (DIT) for all entries matching specified criteria. For each matching entry, Search Entries returns the entry ID and a list of attribute/value pairs that you request. This tool can return 0, 1, or many matches to your search criteria. All matches are placed in a search result object. You can use the Next Entry tool to iterate through this list of matching entries.
For example, suppose you want to return the email addresses for all entries that have "Schiller" in their UID attribute value. For each match, you want the entry's email address ("mail" attribute). The search creates a search result object containing 3 entries: SchillerA, SchillerAS, and SchillerTU. Each entry has a mail attribute/value pair. You can use the Next Entry tool to extract the first entry ID and move the iterator to the next entry, then use the Get Entry Attribute tool to read the value of the mail attribute associated with the entry ID. In this way you can extract the email address values for each entry in the search result object.
See Introduction to LDAP tools for more information on using this tool.
Note: Do not use the Login tool after this tool if you want to log in anonymously.
Inputs
Session ID
The unique identifier for the session created with the Session tool.
SearchBase
The portion of the DS you want to search. You must specify a DS object with a full DN, such as "ou=subscribers, ou=People, dc=inin, dc=com".
SearchFilter
An expression that specifies the types of entries to return. Some common filters are described in the table below, but you should consult an LDAP reference. Also, see the topic LDAP: The order in which LDAP tools might be used.
Here are some common search filters:
|
Syntax |
Description |
|
"(sn=smith)" |
This filter matches entries with the sn (surname) attribute whose value is exactly smith. |
|
"(sn=smith*)" |
Matches entries where the sn attribute begins with smith, such as smithers. |
|
"(sn=*smith)" |
Matches entries where the sn attribute ends with smith, such as goldsmith. |
|
"(sn=smi*th)" |
Matches entries where the sn attribute begins with smi and ends with th, such as smi. |
|
"(sn~=smith)" |
Matches entries that sound like smith. This function is implemented differently depending upon your LDAP server and the language it employs employed. |
|
"(sn<=smith)" |
Matches entries where the sn attribute is less than or equal to smith lexicographically. |
SearchScope
Indicates the area you want to search. This parameter accepts three integer values, as shown in the following table:
|
Integer Value |
Meaning |
Description |
|
2 |
"subtree" |
Indicates that you want to search the base and all subentries beneath, including the subentries of subentries. Basically, you want to search EVERYTHING at or below the specified SearchBase object. |
|
1 |
"onelevel" |
Indicates that you want to search only the immediate child subentries of the specified SearchBase object. |
|
0 |
"base" |
Indicates that you want to search only the specified SearchBase object. |
Timeout
The maximum number of seconds the LDAP server should spend trying to honor the search request. Specify 0 for no timeout at all.
SizeLimit
Specifies the maximum number of entries to retrieve. For example, if your size limit is 100, but the server locates 500 matching entries, this tool returns the first 100, and the result code LDAP_SIZELIMIT_EXCEEDED is returned. Set SizeLimit to 0 to return all matching entries, or the maximum number allowed by your server.
Attributes
A list of string containing the attributes you want to return for each matching entry. If you leave this field blank, all attributes are returned.
Outputs
Entries
The handle to the search result object. You can pass this handle to the Next Entry tool to extract the values of one entry for use with the Get Entry Attribute tool.
Number of Entries
The number of matching entries found.
Error Code
The code associated with a processing error.
Error Message
A string description describing the error that occurred.
Error Native
A string description of an error that occurred in the LDAPLib module that connects this CIC server to your LDAP Server.
Exit Paths
Success
This step takes the Success of the operation completed successfully.
Failure
This tool takes the Failure exit path if an error occurred. Examine the output error text to determine the problem.