1

I need to retrieve all Organizational Units from a given DN stringh, I am using Net::LDAP module and this little script:

my $msg = $ldap->search(
    base=>'DC=sample1,DC=sample2',
    filter=>'(objectclass=User)',
);
foreach $entry ($msg->entries) {
    $dn = $entry->dn;
    #how can i retrieve OUs?
}

For example if dn returns that string:

CN=Sample Sample,OU=One,OU=Two,DC=sample1,DC=sample2

I want to retrieve One and Two.

raz3r
  • 3,071
  • 8
  • 44
  • 66

2 Answers2

3

Issue a one level search request using the base object dc=example1,dc=sample2 and a presence filter of (ou=*). Given those results, issue a one level search using each returned ou with a presence filter of (ou=*). For each of these searches, specify a size limit and a time limit. For more information on search requests, see "LDAP: Using ldapsearch" and "LDAP: programming practices".

Nightfirecat
  • 11,432
  • 6
  • 35
  • 51
Terry Gardner
  • 10,957
  • 2
  • 28
  • 38
  • What do you mean with "one level search"? Sorry but it's my first time with LDAP queries. Is there a way I can retrieve those values starting from the search I did? – raz3r Nov 09 '11 at 10:07
  • 1
    A "one level search" restricts the search to the immediate subordinates of an entry. For example, a one-level search at dc=sample1,dc=sample2 would return just the entries immediately below dc=sample1,dc=sample2, such as ou=two in your example. LDAP has three 'scopes', 'base' (the entry itself), 'one' (as stated, immediate subordinates), and 'sub' (all entries below the target and the target itself). A search with a scope of 'one' at dc=example1,dc=example2 would return ou=two and all other entries at that level, but none below that level. The code could then iterate through those. – Terry Gardner Nov 09 '11 at 13:52
0

Most detailed "(&(ou=*)(objectClass=organizationalunit))"

dorancemc
  • 123
  • 1
  • 5
  • The question is seeking some `perl` code that will retrieve OUs. At the time of adding this comment, it does not seem to offer that answer. Consider [edit]ing your answer to provide more detail of what you mean. – Richardissimo Apr 26 '18 at 17:36