Searching a Directory

Searches are the most common directory activity. The LDAP API lets you use a wide variety of search criteria and result-retrieval methods to find directory information. As with other LDAP operations, you can choose to perform a search synchronously or asynchronously. Extensions to the base LDAP API let you add sorting criteria and other extensions to your search request. There are three settings in the LDAP structure that affect the way searching occurs:

  • The LDAP_OPT_SIZELIMIT option limits the number of results returned from a search.
  • The LDAP_OPT_TIMELIMIT option limits the amount of time spent on a search.
  • The LDAP_OPT_DEREF option determines when or if aliases are dereferenced during a search.

The ldap_search and ldap_search_s functions are the original (LDAP 2.0) asynchronous and synchronous search functions. If you want to specify a local time-out for a synchronous search, use the ldap_search_st function. The extended functions ldap_search_ext and ldap_search_ext_s support LDAP 3.0 server controls and client controls and allow you to specify varying size and time limits for each search operation.

The following code example shows how to do a search to retrieve all attributes and all values under the entry, ou=PNS, o=USSA, c =US.
ULONG CallValue;
int SearchScope, AttrsOnly, CallValue;
TCHAR SearchBase[128], SearchFilter[128], **Attrs;

// Start searching at this entry
_tcscpy(SearchBase, _T("ou = PNS, o = USSA, c = US")); 

// Search the base entry and all subentries
SearchScope = LDAP_SCOPE_SUBTREE; 
_tcscpy(SearchFilter, _T("(objectclass=*)"));  // get all entries
Attrs = NULL; // get all attributes
AttrsOnly = 0; // get values as well as attributes
CallValue = ldap_search(ld,            // LDAP *
                        SearchBase,    // The Base DN
                        SearchScope,   // Search Scope
                        SearchFilter,  // Search Filter
                        Attrs,         // List of attributes to retrieve
                        AttrsOnly      // Retrieve Attributes and Values?
);
//can pass CallValue to ldap_result to check on the
//status of the asynchronous operation.

See Also

Using the LDAP API

 Last updated on Friday, April 09, 2004

© 1992-2003 Microsoft Corporation. All rights reserved.