Optimize LDAP Active Directory search filter query for user email using a substring

In my Rails 3.2.11 app (using Ruby 1.9.3-p327) I’m trying to search for
users in AD LDAP by their email.

I am using the net-ldap 0.2.2 gem.

The current filter that I’m using is:

filter = Net::LDAP::Filter.eq( "mail", "*#{str}*")

Here “str” basically refers to a part of a user’s email.

Now this filter will search for entries irrespective of whether it’s a
group or an actual user in the organisation. I don’t want it to search
for group email IDs when searching for a user record.

One more thing that I observed is that since I am searching for a
substring, the query is taking longer. If I only search for the trailing
part of the string (please refer to the code below), the query returns faster.

filter = Net::LDAP::Filter.eq( "mail", "#{str}*")

Since certain user emails are in the format
[email protected], I thought I would need to use a
substring search for better results.

I queried LDAP to get separate entry records for a user and a group to
see what could be used as a differentiator in my filter search. I found
that the objectcategory attribute is different for a user and a group.

Here’s a sample output of the objectcategory attribute for

a) group


b) user


I read about using join filters in the net-ldap documentation.

Based on the above link, the filter I would be using is:

x = Net::LDAP::Filter.eq( "mail", "*mohn*")

This gives me all email IDs that have “mohn” as a substring.

y = Net::LDAP::Filter.eq( "objectcategory", "*Person*")

I know for sure somewhere this filter query is incorrect, but how can I
change this to an appropriate search filter for objectcategory?

I’m using a join on the two filters:

filter = Net::LDAP::Filter.join(x, y)

How can I change the filter query “y” to give me faster search results?

Also, I’m not sure if the scope option as part of the search method can
help me further optimize my query. Can you please throw some light on
the usage of this as well?
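
An added example, not part of the original question or the net-ldap code base: since Filter.eq passes the interpolated string through unescaped, this sketch escapes the user-typed fragment per RFC 4515 and builds one filter string that restricts the mail match to user objects. The helper names escape_filter_value and user_mail_filter are hypothetical; the resulting string is what you would hand to Net::LDAP::Filter.construct.

```ruby
# Added example in plain Ruby (no gem required to run it).
# Helper names below are hypothetical, not part of net-ldap.

# Characters RFC 4515 reserves inside an assertion value, mapped to
# their backslash-hex escapes.
FILTER_ESCAPES = {
  "\\"   => '\5c',
  "*"    => '\2a',
  "("    => '\28',
  ")"    => '\29',
  "\x00" => '\00'
}.freeze

# Escape a user-typed fragment so it cannot add its own wildcards or
# extra filter clauses when interpolated into a filter string.
def escape_filter_value(value)
  value.to_s.gsub(/[\\*()\x00]/) { |ch| FILTER_ESCAPES[ch] }
end

# Build the full filter for "user whose mail matches this fragment".
#   :prefix   -> (mail=frag*)   the form the post found to return faster
#   :contains -> (mail=*frag*)  the slower medial substring match
# objectCategory=person excludes groups; objectClass=user then narrows
# person objects (which also include contacts) to user accounts.
def user_mail_filter(fragment, mode = :prefix)
  frag = escape_filter_value(fragment.to_s.strip)
  mail = mode == :contains ? "(mail=*#{frag}*)" : "(mail=#{frag}*)"
  "(&(objectCategory=person)(objectClass=user)#{mail})"
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs.
  puts user_mail_filter("mohn")
  puts user_mail_filter("mohn", :contains)
  puts user_mail_filter("a*b(c)")
end
```

Exact-match clauses on objectCategory and objectClass avoid the wildcard match on objectcategory that the question's filter "y" relies on.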