## Searching the DIT

Like relational and other database types LDAP provides a query language to filter result entries.

No. 3

### Filtering child elements

 Q: Create LDAP queries corresponding to the following descriptions: All users entries within the whole DIT having a gidNumber value of 100. All user entries belonging to the billing department having a uid value greater than 1023. All user entries within the whole DIT having a common name containing the substring “ei”. All user entries within the whole DIT belonging to gidNumber == 100 or having a uid value starting with letter “t”. Hint: Apache Directory Studio allows both for filtering and searching providing nifty features like attribute name completion and syntax highlighting. For regular searches you may define: The DIT entry to start from being identified by its DN. The search scope being either of object, one level or subtree. Boolean expressions based on attribute values. But yes, I forgot to mention something. A: All users entries within the whole DIT having a gidNumber value of 100. Solution: (gidNumber=100), starting from top of DIT having subtree scope. All user entries belonging to the billing department having a uid value greater than 1023. Solution: (uidNumber>=1024) starting from DN ou=billing,dc=hdm-stuttgart,dc=de and scope one level. Notice the expression (uidNumber>=1024) in favour of the seemingly equivalent but syntactically illegal counterpart (uidNumber>1023). All user entries within the whole DIT having a common name containing the substring “ei”. Solution: (cn=*ei*), starting from top of DIT having subtree scope. All user entries within the whole DIT belonging to gidNumber == 100 or having a uid value starting with letter “t”. Solution: (|(gidNumber=100)(uid=t*)), starting from top of DIT having subtree scope.