ldap_search

Asynchronously searches the directory.

LDAP Version:v2 or higher
Library:*ldapsdk.*
NDS Version:7.xx or higher
Platform:NLM, Windows (NT, 95, 98, 2000, XP, Vista 32-bit and 64-bit ), Linux (32-bit and 64-bit), Solaris, AIX, and HP-UX

Syntax

  #include <ldap.h>
  
  int ldap_search (
     LDAP          *ld,
     const char    *base,
     int            scope,
     const char    *filter,
     char         **attrs,
     int            attrsonly);

Parameters

ld

(IN) Points to the handle for the LDAP session.

base

(IN) Points to the distinguished name of the entry from which to start the search.

scope

(IN) Specifies the scope of the search and uses one of the following flags:

  • LDAP_SCOPE_BASE (0x00)—searches the entry specified by the base parameter.

  • LDAP_SCOPE_ONELEVEL (0x01)—searches the immediate subordinates of the entry specified by the base parameter.

  • LDAP_SCOPE_SUBTREE (0x02)—searches the entire subtree starting with the entry specified by the base parameter.

filter

(IN) Points to a search filter.

If NULL is passed, a default filter ("objectclass=*") is used, a filter which matches all entries in the directory. Using a NULL filter is not recommended for subtree searches on trees that potentially have hundreds of thousands of entries.

Simple filters take the form of strings: attribute name=attribute value. For more complex filters, see Using Search Filters.

attrs

(IN) Points to a NULL-terminated array of strings indicating which attributes to return with each matching entry. To return only entry names (and no attributes), set the first, and only string in the array, to LDAP_NO_ATTRS. To return all attributes, set this parameter to NULL.

For example, to return the cn, surname, and givenName attributes, declare attrs as: char* attrs[]={"cn", "surname", "givenName", NULL};

attrsonly

(IN) Specifies whether to return just attributes or attributes and values.

  • Zero—return both attributes and values

  • Non-zero—return only attributes

Return Values

>0

Message ID of operation

-1

Failure

Remarks

The ldap_search function is an older function which does not allow you to specify LDAP controls.

The LDAP_OPT_DEREF option in the LDAP session handle affects how aliases are handled during the search.

  • The LDAP_DEREF_FINDING value means aliases are dereferenced when locating the base object but not during the search.

  • The LDAP_DEREF_SEARCHING value means aliases are dereferenced during the search but not when locating the base object of the search.

To obtain the results of the operation, call the ldap_result function using the message ID returned to the ldap_search function.

If the function returns a -1, use the ldap_get_option function with the option parameter set to LDAP_OPT_RESULT_CODE to retrieve the error code from the LDAP session handle.

Server timeouts and size limits for this function are set using the LDAP_OPT_TIMELIMIT and LDAP_OPT_SIZELIMIT options on the LDAP handle. This function has no client time or size limits.

See Also

ldap_search_ext, ldap_search_st