Using ldapsearch594 Red Hat Directory Server Administrator’s Guide • May 2005Specifying Search Filters Using a FileYou can enter search filters into a file instead of entering them on thecommand-line. When you do this, specify each search filter on a separate line inthe file. The ldapsearch command runs each search in the order in which itappears in the file.For example, if the file contains:sn=Francisgivenname=Richardthen ldapsearch first finds all the entries with the surname Francis and, then, allthe entries with the givenname Richard. If an entry is found that matches bothsearch criteria, then the entry is returned twice.For example, suppose you specified the previous search filters in a file namedsearchdb, and you set your search base using LDAP_BASEDN. Then the followingreturns all the entries that match either search filter:ldapsearch -h mozilla -f searchdbYou can limit the set of attributes returned here by specifying the attribute namesthat you want at the end of the search line. For example, the followingldapsearch command performs both searches but returns only the DN and thegivenname and sn attributes of each entry:ldapsearch -h mozilla -f searchdb sn givennameSpecifying DNs That Contain Commas in Search FiltersWhen a DN within a search filter contains a comma as part of its value, you mustescape the comma with a backslash (\). For example, to find everyone in theexample.com Bolivia, S.A. subtree, use the following command:ldapsearch -h mozilla -s base -b "o=example.com Bolivia\,S.A.,dc=example,dc=com" "objectclass=*"Using Client Authentication When SearchingThis example shows user bjensen searching the directory using clientauthentication:ldapsearch -h mozilla -p 636 -b "dc=example,dc=com" -N"bjensenscertname" -Z -W certdbpassword -P/home/bjensen/certdb/cert.db "givenname=Richard"
