Method: Net::LDAP#search

Defined in:
lib/net/ldap.rb

#search(args = {}) ⇒ Object

Searches the LDAP directory for directory entries. Takes a hash argument with parameters. Supported parameters include:

  • :base (a string specifying the tree-base for the search);

  • :filter (an object of type Net::LDAP::Filter, defaults to objectclass=*);

  • :attributes (a string or array of strings specifying the LDAP attributes to return from the server);

  • :return_result (a boolean specifying whether to return a result set);

  • :attributes_only (a boolean flag, defaults to false);

  • :scope (one of: Net::LDAP::SearchScope_BaseObject, Net::LDAP::SearchScope_SingleLevel, Net::LDAP::SearchScope_WholeSubtree. Default is WholeSubtree.)

  • :size (an integer indicating the maximum number of search entries to return. Default is zero, which signifies no limit.)

  • :time (an integer restricting the maximum time in seconds allowed for a search. Default is zero, which signifies no time limit; see RFC 4511, section 4.5.1.5)

  • :deref (one of: Net::LDAP::DerefAliases_Never, Net::LDAP::DerefAliases_Search, Net::LDAP::DerefAliases_Find, Net::LDAP::DerefAliases_Always. Default is Never.)

#search queries the LDAP server and passes each entry to the caller-supplied block, as an object of type Net::LDAP::Entry. If the search returns 1000 entries, the block will be called 1000 times. If the search returns no entries, the block will not be called.

#search returns either a result-set or a boolean, depending on the value of the :return_result argument. The default behavior is to return a result set, which is an Array of objects of class Net::LDAP::Entry. If you request a result set and #search fails with an error, it will return nil. Call #get_operation_result to get the error information returned by the LDAP server.

When :return_result => false, #search will return only a Boolean, to indicate whether the operation succeeded. This can improve performance with very large result sets, because the library can discard each entry from memory after your block processes it.

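require "net/ldap"

# ldap is an already-connected Net::LDAP instance.
treebase = "dc=example, dc=com"
filter = Net::LDAP::Filter.eq("mail", "a*.com")
attrs = ["mail", "cn", "sn", "objectclass"]
# With :return_result => false, entries are only streamed to the block
# and #search returns a Boolean instead of an Array.
ldap.search(:base => treebase, :filter => filter, :attributes => attrs,
            :return_result => false) do |entry|
  puts "DN: #{entry.dn}"
  entry.each do |attr, values|
    puts ".......#{attr}:"
    values.each do |value|
      puts "          #{value}"
    end
  end
end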
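
The return-value contract described above matters when a search feeds an access decision: a failed search must not be read as "no matching entries". The following is an added example, not code from net-ldap. The helper matching_dns, the error class and the StubDirectory stand-in (with its sample DNs and result code) are constructed for illustration; a real call would pass a Net::LDAP object and a Net::LDAP::Filter.

```ruby
class DirectoryLookupError < StandardError; end

# Hypothetical helper: streams matching DNs with :return_result => false,
# bounded by :size and :time, and raises when #search reports failure so a
# failed search is never read as "no matching entries".
def matching_dns(ldap, base:, filter:, size: 100, time: 5)
  dns = []
  ok = ldap.search(:base => base, :filter => filter, :attributes => ["cn"],
                   :size => size, :time => time,
                   :return_result => false) { |entry| dns << entry.dn }
  return dns if ok

  op = ldap.get_operation_result
  raise DirectoryLookupError, "LDAP search failed: #{op.code} #{op.message}"
end

# Constructed stand-in for a Net::LDAP object. It follows only the contract
# documented above: yield each entry, return a Boolean when
# :return_result => false, otherwise an Array, or nil on failure.
class StubDirectory
  Entry = Struct.new(:dn)
  OperationResult = Struct.new(:code, :message)

  def initialize(dns, code: 0, message: "Success")
    @dns, @code, @message = dns, code, message
  end

  def search(args = {})
    ok = @code.zero?
    entries = ok ? @dns.map { |dn| Entry.new(dn) } : []
    entries.each { |e| yield e } if block_given?
    return ok if args[:return_result] == false
    ok ? entries : nil
  end

  def get_operation_result
    OperationResult.new(@code, @message)
  end
end

if __FILE__ == $PROGRAM_NAME
  base = "dc=example,dc=com" # constructed sample data
  up = StubDirectory.new(["cn=alice,#{base}"])
  down = StubDirectory.new([], code: 32, message: "No Such Object")
  p matching_dns(up, base: base, filter: "(cn=a*)")
  begin
    matching_dns(down, base: base, filter: "(cn=a*)")
  rescue DirectoryLookupError => e
    puts e.message
  end
end
```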


# File 'lib/net/ldap.rb', line 776

def search(args = {})
  unless args[:ignore_server_caps]
    args[:paged_searches_supported] = paged_searches_supported?
  end

  args[:base] ||= @base
  return_result_set = args[:return_result] != false
  result_set = return_result_set ? [] : nil

  instrument "search.net_ldap", args do |payload|
    @result = use_connection(args) do |conn|
      conn.search(args) do |entry|
        result_set << entry if result_set
        yield entry if block_given?
      end
    end

    if return_result_set
      unless @result.nil?
        if ResultCodesSearchSuccess.include?(@result.result_code)
          result_set
        end
      end
    else
      @result.success?
    end
  end
end