The search filter specifies the relationship between the attributes and values of those attributes in the prefix expression notation.
The following are examples of valid search filters:
| Search Filter | Meaning |
|---|---|
| (objectClass=*) | All objects that have objectClass attribute present. |
| (cn=FooBar) | All objects having cn property equal to "FooBar". |
| (&(objectClass=User)(revision>=10)) | All user objects that have the property revision greater than or equal to 10. |
| (&(objectClass=Computer)(|(name=a*)(name=b*))) | All Computer objects which have name attribute starting with "a" or "b". |
The formal definition of the search filter is as follows (from RFC 1960):
<filter> ::= '(' <filtercomp> ')'
<filtercomp> ::= <and> | <or> | <not> | <item>
<and> ::= '&' <filterlist>
<or> ::= '|' <filterlist>
<not> ::= '!' <filter>
<filterlist> ::= <filter> | <filter> <filterlist>
<item> ::= <simple> | <present> | <substring>
<simple> ::= <attr> <filtertype> <value>
<filtertype> ::= <equal> | <approx> | <ge> | <le>
<equal> ::= '='
<approx> ::= '~='
<ge> ::= '>='
<le> ::= '<='
<present> ::= <attr> '=*'
<substring> ::= <attr> '=' <initial> <any> <final>
<initial> ::= NULL | <value>
<any> ::= '*' <starval>
<starval> ::= NULL | <value> '*' <starval>
<final> ::= NULL | <value>
The token <attr> is a string representing an AttributeType. The token <value> is a string representing an AttributeValue whose format is defined by the underlying directory service.
If a <value> must contain one of the characters * or ( or ), the character should be preceded by \ escape character.