First off, let me start by saying that I am totally new to working with LDAP.

I am working on an application that shares an LDAP server with a few legacy applications.

All of the user accounts in the legacy application are organized into Organizational Units by IDs. Each entry has a uid that is the user's email address.

I can find if a user with the email [email protected] exists in the organizational unit 12345 by using a dn something like this: ou=someGroup,ou=12345,[email protected]

However, what I'd like to be able to do is check for the existence of a user across multiple organizational units. For example, I'd like to be able to check if an email is in use within an arbitrary number of organizational units (for example, check within 12345, 23452, and 34352).

After googling around, it seems that I should be able to find multiple entries with a single dn, but I haven't figured out how to check for this scenario.

Does anyone know how I can do a check like this? I am using Spring LDAP.

+1  A: 

I believe you should be able to do this as follows:

As your search DN specify the domain components only:

BASE_DN = "DC=TEST,DC=COM"

As your filter, specify your CN or uid:

FILTER = "UID=bob"

As your search be sure to specify "sub" or your Spring LDAP specific parameter to search the entire sub-tree below the base DN.

Depending on your setup, you may need to ask the search to Always Dereference links.

the.jxc
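
The subtree search described in the answer, written against Spring LDAP's `LdapQueryBuilder` as an added example that is not part of the original answer. The class and method names are hypothetical, the base DN is the one from the answer, and the `ContextSource` behind the `LdapTemplate` is assumed to have no base of its own configured. The uid goes through `is()`, which escapes filter metacharacters, and the hits are then narrowed to the requested OU ids by inspecting each entry's DN.

```java
import java.util.List;
import java.util.Set;
import javax.naming.Name;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import org.springframework.ldap.core.ContextMapper;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.query.LdapQuery;
import org.springframework.ldap.query.SearchScope;
import org.springframework.ldap.support.LdapUtils;
import static org.springframework.ldap.query.LdapQueryBuilder.query;

public class UidLookup {
    // Assumption: base DN taken from the answer's example.
    private static final String BASE_DN = "dc=test,dc=com";
    private final LdapTemplate ldapTemplate;

    public UidLookup(LdapTemplate ldapTemplate) {
        this.ldapTemplate = ldapTemplate;
    }

    /** True if an entry with this uid exists under any of the given OU ids. */
    public boolean uidExistsInAnyOu(String uid, Set<String> ouIds) {
        // is() builds an equality filter and escapes *, (, ), \ and NUL in the
        // value, so a user-supplied address cannot change the filter's shape.
        LdapQuery q = query()
                .base(BASE_DN)
                .searchScope(SearchScope.SUBTREE)   // the "sub" scope from the answer
                .attributes("uid")                  // fetch only what is needed
                .where("uid").is(uid);
        // Map each hit to its DN; the entry's attributes are not needed here.
        ContextMapper<Name> dnMapper = ctx -> ((DirContextOperations) ctx).getDn();
        List<Name> dns = ldapTemplate.search(q, dnMapper);
        return dns.stream().anyMatch(dn -> isUnderOneOf(dn, ouIds));
    }

    // True if any ou= component of the DN matches one of the wanted ids.
    private static boolean isUnderOneOf(Name dn, Set<String> ouIds) {
        LdapName ldapName = LdapUtils.newLdapName(dn);
        for (Rdn rdn : ldapName.getRdns()) {
            if ("ou".equalsIgnoreCase(rdn.getType())
                    && ouIds.contains(String.valueOf(rdn.getValue()))) {
                return true;
            }
        }
        return false;
    }
}
```

For the OUs in the question the call would be `uidExistsInAnyOu(email, Set.of("12345", "23452", "34352"))`.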