Re: Can DN be used as search key in ldapsearch?

Gordon Good (
Wed, 03 Jul 1996 09:59:52 -0700

Alex Hwang wrote:
> If there are sources that can answer questions like this, please let me
> know so I do not waste the bandwidth
> I can't get ldapsearch to work on the dn. For example,
> ldapsearch 'dn=(cn=Joe, o=XYZ, c=US)' or even
> ldapsearch 'dn=*'
> Is dn a hidden atribute? Is the syntax incorrect? Or the database was not
> set up properly? Or one just does not do things like this?

You need to do a base search for the object you want, e.g.

ldapsearch -b "cn=Joe, o=XYZ, c=US" -s base "objectclass=*"

or, if you want to get all objects, modulo any server-enforced time or size limits:

ldapsearch -b "o=XYZ, c=US" "objectclass=*"

Gordon Good                          (opinions expressed here are mine, 
Netscape Communications Corp.         not necessarily my employer's)
Mountain View, CA