1
votes

I cannot find a way to get users from LDAP by a specific organisational unit. I am only able to get all users with:

```java
List users = (List<User>) ldapTemplate.search(base, "(&(objectClass=person))", new UserAttributesMapper());
```

If I add something like `(memberOf=OU=Users)` to the query, I get empty results. What is the correct query for this kind of action?


3 Answers

0
votes

You probably have the wrong LDAP path. Download **LDAP Browser** and check the path under which your users are; then use this exact path in your query.

0
votes

If the OU is a subtree, use that as the base of the search. If it's an attribute, search on

```
(&(objectClass=person)(ou=Users))
```

Your 'memberOf' search should also work if the memberOf attribute is maintained and up to date, but you need to specify the full DN of Users, not just the RDN.

0
votes

Actually, you can only use the `(ou=Users)` filter if the ou attribute is part of the person entries (which is hardly the case).

You could use ou=Users,dc=Company,dc=com as the base.

Otherwise, the LDAP standard defines a way to match an assertion as part of the Distinguished Name, but unfortunately not all LDAP servers support that. OpenDJ, Sun Directory Server and RH DS do support it, and probably some other ones. The filter you should use is the following:

```
(&(objectclass=person)(ou:dn:=users))
```

Regards,

Ludovic.
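
The options from the answers above, compared side by side in an added example that is not part of the original thread: a small in-memory Python model of how a server evaluates each filter, not Spring LDAP code. The directory entries, the `cn=Staff` group and all function names are constructed for illustration, and DN parsing is simplified (no escaped commas).

```python
# Constructed sample directory (DN -> stored attributes); not from the original post.
DIRECTORY = {
    "cn=alice,ou=Users,dc=Company,dc=com": {
        "objectClass": ["person"],
        "memberOf": ["cn=Staff,ou=Groups,dc=Company,dc=com"],
    },
    "cn=bob,ou=Users,dc=Company,dc=com": {"objectClass": ["person"]},
    # Lives outside ou=Users but carries an ou attribute with that value.
    "cn=svc,ou=Services,dc=Company,dc=com": {"objectClass": ["person"], "ou": ["Users"]},
}
ROOT = "dc=Company,dc=com"
USERS_OU = "ou=Users,dc=Company,dc=com"

def rdns(dn):
    """Split a DN into lower-cased (type, value) pairs. Escaped commas are not handled."""
    return [tuple(part.strip().lower() for part in rdn.split("=", 1)) for rdn in dn.split(",")]

def under_base(dn, base):
    """Subtree scope: the entry's DN must end with the search base."""
    d, b = rdns(dn), rdns(base)
    return len(d) >= len(b) and d[-len(b):] == b

def attr_equals(attrs, name, value):
    """(name=value): compares stored attribute values only; the DN is never consulted."""
    stored = {k.lower(): v for k, v in attrs.items()}.get(name.lower(), [])
    return any(v.lower() == value.lower() for v in stored)

def dn_match(dn, attrs, name, value):
    """(name:dn:=value): as (name=value), plus every type=value pair in the entry's DN."""
    return attr_equals(attrs, name, value) or (name.lower(), value.lower()) in rdns(dn)

def search(base, match=lambda dn, attrs: True):
    """Model of (&(objectClass=person)<match>) evaluated with subtree scope under base."""
    return sorted(dn for dn, attrs in DIRECTORY.items()
                  if under_base(dn, base)
                  and attr_equals(attrs, "objectClass", "person")
                  and match(dn, attrs))

if __name__ == "__main__":
    print(search(ROOT, lambda dn, a: attr_equals(a, "memberOf", "OU=Users")))  # RDN only
    print(search(ROOT, lambda dn, a: attr_equals(a, "ou", "Users")))           # attribute
    print(search(USERS_OU))                                                    # OU as base
    print(search(ROOT, lambda dn, a: dn_match(dn, a, "ou", "users")))          # ou:dn:=
```

Only the search base depends on where an entry sits in the tree; the attribute filter returns `cn=svc` from a different OU because it matches a stored value, which matters if the result is used to decide who counts as a user.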