Search users & groups in Windows 2016 AD with eldap

Hello everyone,

I am trying to search for users and groups inside a Windows 2016 Active Directory using eldap.

I can connect and bind.

I can search for resources with…

    def search(pid, search, filter_term) do
      filter = :eldap.substrings('cn', [{:any, to_charlist(filter_term)}])
      :eldap.search(pid, [{:base, to_charlist(search)}, {:filter, filter}])
    end

    # and search like this

    Ldap.search pid, "dc=koko,dc=local", "test"
    {:ok,
     {:eldap_search_result,
      [
        {:eldap_entry, 'CN=Test,DC=KOKO,DC=LOCAL',
         [
           {'objectClass', ['top', 'group']},
           {'cn', ['Test']},
           {'member',
            ['CN=Lucie,DC=KOKO,DC=LOCAL', 'CN=Marco,DC=KOKO,DC=LOCAL']},
           ...
         ]}
      ],

But I cannot figure out how to filter on objectClass; that would help me sort only users, or groups.

I need to use something like (&(objectCategory=person)(objectClass=user)), but translated to eldap. If you can help me find the right syntax, or find examples of usage for eldap… I already had a look at the eldap documentation, but it is missing some practical examples.

Thanks for taking the time.

I think it’s something like:

    filter = :eldap.and([
      :eldap.substrings('cn', [{:any, to_charlist(filter_term)}]),
      :eldap.or([
        :eldap.equalityMatch('objectClass', 'user'),
        :eldap.equalityMatch('objectClass', 'person')
      ])
    )])

but haven’t tried.

3 Likes

Thank you very much…

There is one paren too many at the end, but your code does the trick 🙂

Like this… for future reference.

    # (&(cn=*filter_term*)(|(objectClass=user)(objectClass=person)))
    filter = :eldap.and([
      :eldap.substrings('cn', [{:any, to_charlist(filter_term)}]),
      :eldap.or([
        :eldap.equalityMatch('objectClass', 'user'),
        :eldap.equalityMatch('objectClass', 'person')
      ])
    ])
4 Likes
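
The filter from the question, (&(objectCategory=person)(objectClass=user)), written with eldap's constructors together with a group counterpart. This is an added example, not code from any poster in the thread. The module name `AdSearch`, the `:user`/`:group` switch and the requested attributes are assumptions.

```elixir
defmodule AdSearch do
  # Added example; module name and requested attributes are assumptions.

  # (&(objectCategory=person)(objectClass=user))
  defp kind_filter(:user) do
    :eldap.and([
      :eldap.equalityMatch(~c"objectCategory", ~c"person"),
      :eldap.equalityMatch(~c"objectClass", ~c"user")
    ])
  end

  # (objectClass=group), the class of the CN=Test entry in the question
  defp kind_filter(:group), do: :eldap.equalityMatch(~c"objectClass", ~c"group")

  # (&<kind filter>(cn=*term*)). The term is passed as a value to the
  # constructor, never spliced into a filter string, so "*" or ")" in it
  # cannot change the filter's structure.
  def filter(kind, term) when kind in [:user, :group] and is_binary(term) and term != "" do
    :eldap.and([
      kind_filter(kind),
      :eldap.substrings(~c"cn", [{:any, to_charlist(term)}])
    ])
  end

  def search(pid, base, kind, term) do
    opts = [
      base: to_charlist(base),
      scope: :eldap.wholeSubtree(),
      filter: filter(kind, term),
      attributes: [~c"cn", ~c"member"]
    ]

    # Match on the record tag only; a referral reply is returned unchanged.
    with {:ok, result} when elem(result, 0) == :eldap_search_result <-
           :eldap.search(pid, opts) do
      {:ok, for({:eldap_entry, dn, attrs} <- elem(result, 1), do: {to_string(dn), to_map(attrs)})}
    end
  end

  # [{'cn', ['Test']}, ...] -> %{"cn" => ["Test"], ...}
  defp to_map(attrs) do
    Map.new(attrs, fn {name, values} -> {to_string(name), Enum.map(values, &to_string/1)} end)
  end
end
```

With a bound connection, `AdSearch.search(pid, "dc=koko,dc=local", :group, "test")` returns only group entries, and passing `:user` returns only user accounts.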