C.3. Examples of LDAP URLs

Note

The LDAP URL format is described in RFC 4516, which is available at http://www.ietf.org/rfc/rfc4516.txt.
Example 1

The following LDAP URL specifies a base search for the entry with the distinguished name dc=example,dc=com.

ldap://ldap.example.com/dc=example,dc=com
  • Because no port number is specified, the standard LDAP port number (389) is used.
  • Because no attributes are specified, the search returns all attributes.
  • Because no search scope is specified, the search is restricted to the base entry dc=example,dc=com.
  • Because no filter is specified, the directory uses the default filter (objectclass=*).
Example 2

The following LDAP URL retrieves the postalAddress attribute of the entry with the DN dc=example,dc=com:

ldap://ldap.example.com/dc=example,dc=com?postalAddress
  • Because no search scope is specified, the search is restricted to the base entry dc=example,dc=com.
  • Because no filter is specified, the directory uses the default filter (objectclass=*).
Example 3

The following LDAP URL retrieves the cn, mail, and telephoneNumber attributes of the entry for Barbara Jensen:

ldap://ldap.example.com/cn=Barbara%20Jensen,dc=example,dc=com?cn,mail,telephoneNumber
  • Because no search scope is specified, the search is restricted to the base entry cn=Barbara Jensen,dc=example,dc=com.
  • Because no filter is specified, the directory uses the default filter (objectclass=*).
Example 4

The following LDAP URL specifies a search for entries that have the surname Jensen and are at any level under dc=example,dc=com:

ldap://ldap.example.com/dc=example,dc=com??sub?(sn=Jensen)
  • Because no attributes are specified, the search returns all attributes.
  • Because the search scope is sub, the search encompasses the base entry dc=example,dc=com and entries at all levels under the base entry.
Example 5

The following LDAP URL specifies a search for the object class for all entries one level under dc=example,dc=com:

ldap://ldap.example.com/dc=example,dc=com?objectClass?one
  • Because the search scope is one, the search encompasses all entries one level under the base entry dc=example,dc=com. The search scope does not include the base entry.
  • Because no filter is specified, the directory uses the default filter (objectclass=*).

Note

The syntax for LDAP URLs does not include any means for specifying credentials or passwords. Search requests initiated through LDAP URLs are unauthenticated, unless the LDAP client that supports LDAP URLs provides an authentication mechanism.