ldapfilter.conf(4) File Formats ldapfilter.conf(4)NAMEldapfilter.conf - configuration file for LDAP filtering routines
SYNOPSIS
/etc/opt/SUNWconn/ldap/current/ldapfilter.conf
DESCRIPTION
The ldapfilter.conf file contains information used by the LDAP filter‐
ing routines.
Blank lines and lines that begin with a hash character (#) are treated
as comments and ignored. The configuration information consists of
lines that contain one to five tokens. Tokens are separated by white
space, and double quotes can be used to include white space inside a
token.
The file consists of a sequence of one or more filter sets. A filter
set begins with a line containing a single token called a tag.
The filter set consists of a sequence of one or more filter lists. The
first line in a filter list must contain four or five tokens: the value
pattern, the delimiter list, a filtertemplate, a match description, and
an optional search scope. The value pattern is a regular expression
that is matched against the value passed to the LDAP library call to
select the filter list.
The delimiter list is a list of the characters (in the form of a single
string) that can be used to break the value into distinct words.
The filter template is used to construct an LDAP filter (see descrip‐
tion below)
The match description is returned to the caller along with a filter as
a piece of text that can be used to describe the sort of LDAP search
that took place. It should correctly compete both of the following
phrases: "One match description match was found for ..." and "Three
match description matches were found for...."
The search scope is optional, and should be one of base, onelevel, or
subtree. If search scope is not provided, the default is subtree.
The remaining lines of the filter list should contain two or three
tokens, a filter template, a match description and an optional search
scope.
The filter template is similar in concept to a printf(3C) style format
string. Everything is taken literally except for the character
sequences:
%v Substitute the entire value string in place of the %v.
%v$ Substitute the last word in this field.
%vN Substitute word N in this field (where N is a single
digit 1-9). Words are numbered from left to right
within the value starting at 1.
%vM-N Substitute the indicated sequence of words where M and
N are both single digits 1-9.
%vN- Substitute word N through the last word in value where
N is again a single digit 1-9.
EXAMPLES
Example 1: An LDAP Filter Configuration File
The following LDAP filter configuration file contains two filter sets,
example1 and example2 onelevel, each of which contains four filter
lists.
# ldap filter file
#
example1
"=" " " "%v" "arbitrary filter"
"[0-9][0-9-]*" " " "(telephoneNumber=*%v)" "phone number"
"@" " " "(mail=%v)" "email address"
"^.[. _].*" ". _" "(cn=%v1* %v2-)" "first initial"
".*[. _].$" ". _" "(cn=%v1-*)" "last initial"
"[. _]" ". _" "(|(sn=%v1-)(cn=%v1-))" "exact"
"(|(sn~=%v1-)(cn~=%v1-))" "approximate"
".*" ". " "(|(cn=%v1)(sn=%v1)(uid=%v1))" "exact"
"(|(cn~=%v1)(sn~=%v1))" "approximate"
"example2 onelevel"
"^..$" " " "(|(o=%v)(c=%v)(l=%v)(co=%v))" "exact" "onelevel"
"(|(o~=%v)(c~=%v)(l~=%v)(co~=%v))" "approximate"
"onelevel"
" " " " "(|(o=%v)(l=%v)(co=%v)" "exact" "onelevel"
"(|(o~=%v)(l~=%v)(co~=%v)" "approximate" "onelevel"
"." " " "(associatedDomain=%v)" "exact" "onelevel"
".*" " " "(|(o=%v)(l=%v)(co=%v)" "exact" "onelevel"
"(|(o~=%v)(l~=%v)(co~=%v)" "approximate" "onelevel"
ATTRIBUTES
See attributes(5) for a description of the following attributes:
┌─────────────────────────────┬─────────────────────────────┐
│ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
├─────────────────────────────┼─────────────────────────────┤
│Availability │SUNWlldap │
├─────────────────────────────┼─────────────────────────────┤
│Stability Level │Evolving │
└─────────────────────────────┴─────────────────────────────┘
SEE ALSOldap_getfilter(3LDAP), ldap_ufn(3LDAP), attributes(5)SunOS 5.10 9 Jul 2003 ldapfilter.conf(4)