Search filter script
Cantor, Scott
cantor.2 at osu.edu
Mon May 2 19:09:48 EDT 2016
On 5/2/16, 6:12 PM, "users on behalf of John Morrison" <users-bounces at shibboleth.net on behalf of john.morrison at uadm.uu.se> wrote:
>Yes, I'm trying to fix our previous working script. It's a LDAP search filter from two attribute values or more obtained with the previous LDAP connector search. The script should then build something like this "(|(departmentNumber=x)(departmentNumber=y))" and then do another search based on this filter build script, this worked OK in IDPv2 but not in V3.
I would have to assume V2 had a bug. It using a value like that without escaping it would have been a mistake, so that probably got fixed. Just guessing.
>We have a tricky data model in our LDAP structure, arranged in different DN:s based on how many departments an employee is working in. We search out all departments based on their employee number returning multiple DN:s.
You would perhaps need a more creative use of Velocity inside the LDAP search template that implements some of the logic in that language and not in the script.
-- Scott
More information about the users
mailing list