Active Directory LDAP Search Filter or operator syntax

5
votes

I am using LDAP Directory Services in C# to search users from LDAP with some filter criteria. I want to supply multiple OR filter criteria. For example firstName, lastName, telephone etc. It works fine when I supply all filter values but gives error when I just supply one or two filter values.

Here is the sample code I am using:

var LdapSearcher = new DirectorySearcher(RootDomain, 
                   "(&(objectclass=user)(sn=" + lastName.Trim() + ")(givenName=" + firstName.Trim() + "))");

I get the result when I supply both sn and givenName values. However, it's an OR search and user will enter either lastName or FirstName.

How to apply OR Filter in LDAP DirectorySearcher.?

1
c#active-directoryldap
& equals AND | equals OR do a google search.. there are actually lots of examples online on how to do this.. and if you want and even easier way.. google PrincipalContext examples as well with C# ActiveDirectory : LDAP SyntaxMethodMan

1 Answers

12
votes

You need to use the | operator. From what you've provided, your conditions are :

  • objectclass must be equal "user"
  • sn OR givenName must be equal to the provided value

Let's say the user has provided the name "John Smith". Your filter should look like :

(&(objectClass=user)(|(sn=Smith)(givenName=John)))