Definition: LDAP Search Filter
A search filter provides a mechanism for defining the criteria for defining matching entries in an LDAP search operation. There are ten different types of search filters defined in LDAP:
- AND Filters – Serve as a container for holding zero or more search filter elements. All search filters contained in the AND filter must match the target entry for the AND filter to match.
- OR Filters – Serve as a container for holding zero or more search filter elements. At least one of the search filters contained in the OR filter must match the target entry for the OR filter to match.
- NOT Filters – Serves as a container for exactly one search filter element. The embedded filter must not match the target entry for the NOT filter to match.
- Equality Filters – Provides a mechanism for identifying entries that contain a specified value for a given attribute.
- Substring Filters – Provides a mechanism for identifying entries with attribute values matching a specified substring.
- Greater or Equal Filters – Provides a mechanism for identifying entries with attribute values greater than or equal to a specific value.
- Less or Equal Filters – Provides a mechanism for identifying entries with attribute values less than or equal to a specific value.
- Presence Filters – Provides a mechanism for identifying entries that contain at least one value for a specified attribute.
- Approximate Filters – Provides a mechanism for identifying entries with attribute values that are approximately equal to a given value.
- Extensible Match Filters – Provides a mechanism for using a matching rule to identify matching entries using an extensible mechanism.
See RFC 4515 for more information about LDAP search filters and a mechanism for representing them as strings.
Sign up or Log in to add a comment or watch this page.