unboundid ldap SDK how to get all users and exclude a department

Question

I have sample code

Filter searchFilter = Filter.create("(sAMAccountType=805306368)");
                        SearchRequest searchRequest =
                                new SearchRequest(advanceBaseDnTxt.getText(), SearchScope.SUB, searchFilter,
                                        ldapAttributeSet);
                        SearchResult searchResult = lcon.search(searchRequest);

Is this enough for retreiving all users and how to exclude a department also?

@Esteban thank you. Also what is difference between (sAMAccountType=805306368) and (objectCategory=user))? — Mert Serimer, Jul 18 '17 at 10:13
The same as `SELECT * FROM table WHERE accountType="foo"` and `SELECT * FROM table WHERE rowType="bar"` . It filters on 2 different attributes. From the attribute name I assume you use ActiveDirectory, and these attributes are specific of AD, this is not LDAP related. (And if by `objectCategory` you mean `objectClass`, it is a LDAP attribute which specifies the type of entry and its definition: which attributes are available for example) — Esteban, Jul 18 '17 at 12:16

score 1 · Accepted Answer · answered Jul 18 '17 at 12:19

To negate an attribute on a LDAP filter, look at this page : http://www.ldapexplorer.com/en/manual/109010000-ldap-filter-syntax.htm

(!(department=<NUMBER TO EXCLUDE>)) Should be used

If you need to filter on multiple attributes, from your example you need every entries which have sAMAccountType=805306368 and are not in department=<NUMBER TO EXCLUDE>, so the filter will be :

(&(sAMAccountType=805306368)(!(department=<NUMBER TO EXCLUDE>)))

Thanks a lot for the answer – Mert Serimer Jul 18 '17 at 13:36 — Mert Serimer, Jul 18 '17 at 13:36

unboundid ldap SDK how to get all users and exclude a department

1 Answers1