rubyldapnetldap

Better way to query an LDAP users via ruby net-ldap?


Is there a better way to search for users and computers specifically using the Net-ldap gem?

Here is what I am currently having to do to get only users.

results = search :base => @base, :filter => Net::LDAP::Filter.eq("cn", "*")
  @results = Array.new

  results.each do |result|
    @results.push result if result[:objectclass].include? "person" unless result[:objectclass].include? "computer"

Seems like there would be a better way. I can't see anything obvious in the documentation.


Solution

  • You can use the Join filter functionality of net-ldap:

    filter = Net::LDAP::Filter.eq("sAMAccountName", "*")
    filter2 = Net::LDAP::Filter.eq("objectCategory", "organizationalPerson")
    
    joined_filter = Net::LDAP::Filter.join(filter, filter2)
    
    ldap.search(:base => treebase, :filter => joined_filter) do |entry|
        puts entry.sAMAccountName
    end