March 3, 2015 at 2:29 pm #3317artyukhinParticipant
I’m using Active Directory connector. Everything works great except couple of things
1) When I use openidm.query(“system/ad/account”) with _queryFilter = dn eq “cn=..,ou=…dc=…” in my script, I get an empty result.
I understand that dn is special attribute and it can cause problems but I wonder why direct REST API call
openidm/system/ad/account?__queryFilter = dn+eq+”…” return correct result.
My task is to check if account with specific DN already exists in target system. Is there another way to do it?
I tried system/ad/account/<DN> but it doesn’t work (although in AD GUID and DN can be used interchangeably)
2) I noticed that search in openidm.query(“system/ad/account”) with _queryFilter = sAMAccountName eq “<SAN>” (and in direct REST API call) is case-sensitive.
So query sAMAccountName eq “test” returns nothing even in case if user “Test” exists in AD. Is there any way to use case-insensitive search?
Does anybody have the same problems?March 3, 2015 at 2:46 pm #3318LudoModerator
In LDAP, you cannot search on the DN of an entry. You can read it, but not use the DN in a filter. Instead you do a search with a filter on a unique attribute and get the entry back with its DN.March 3, 2015 at 3:06 pm #3319artyukhinParticipant
Yes, I know that it’s impossible to use ‘distinquishedName=…’ in LDAP filter. But why it works when invoking REST API from browser and doesn’t work when invoking from script?
And how to get an entry with given DN (of of possible solutions is to search by CN and then check DNs of return records)
- This reply was modified 6 years, 3 months ago by artyukhin.
You must be logged in to reply to this topic.