Red Hat Directory Server 8.0 Administrator's Guide
Component Description
base_dn Distinguished name (DN) of an entry in the
directory. This DN identifies the entry that is
the starting point of the search. If no base DN
is specified, the search starts at the root of the
directory tree.
attributes The attributes to be returned. To specify more
than one attribute, use commas to separate
the attributes; for example,
cn,mail,telephoneNumber. If no attributes
are specified in the URL, all attributes are
returned.
scope The scope of the search, which can be one of
these values:
base retrieves information only about the
distinguished name (base_dn) specified in the
URL.
one retrieves information about entries one
level below the distinguished name (base_dn)
specified in the URL. The base entry is not
included in this scope.
sub retrieves information about entries at all
levels below the distinguished name
(base_dn) specified in the URL. The base
entry is included in this scope.
If no scope is specified, the server performs a
base search.
filter Search filter to apply to entries within the
specified scope of the search. If no filter is
specified, the server uses the filter
(objectClass=*).
Table C.1. LDAP URL Components
The attributes, scope, and filter components are identified by their positions in the URL. Even if
no attributes are specified, the question marks still must be included to delimit that field.
For example, to specify a subtree search starting from dc=example,dc=com that returns all
attributes for entries matching (sn=Jensen), use the following LDAP URL:
ldap://ldap.example.com/dc=example,dc=com??sub?(sn=Jensen)
The two consecutive question marks, ??, indicate that no attributes have been specified. Since
Appendix C. LDAP URLs
572