In my Rails 3.2.11 app(using ruby 1.9.3-p327) I'm trying to search for users in AD LDAP by their email.
I am using net-ldap 0.2.2 gem .
The current filter that I'm using is:-
filter = Net::LDAP::Filter.eq( "mail", "*#{str}*")
Here "str" basically refers to a part of a user's email.
Now this filter will search for entries irrespective of whether its a group or an actual user in the organisation. **I don't want it to search for group email id's when doing search for a user record**.
One more thing that I observed is that since I am searching for a substring, the query is taking longer. If I only search for the trailing part of the string(pls refer code below) the query returns faster.
filter = Net::LDAP::Filter.eq( "mail", "#{str}*")
Since certain user emails are in the format lastname.firstname@company.com , I thought I would need to use a sub string search for better results.
I queried LDAP to get separate entry records for a user and a group to see what could be used as a differentiator in my filter search. I found that the objectcategory attribute is different wrt a user and a group.
Here's a sample output of the objectcategory attribute for
a) group
:objectcategory=>["CN=Group,CN=Schema,CN=Configuration,DC=xxx,DC=yyy"]
b) user
:objectcategory=>["CN=Person,CN=Schema,CN=Configuration,DC=xxx,DC=yyy"]
I read about using join filters from the [net-ldap documenation][1]
Based on the above link the filter I would be using is:-
x = Net::LDAP::Filter.eq( "mail", "*mohn*") . This gives me all email ids that have "mohn" as a substring .
y = Net::LDAP::Filter.eq( "objectcategory", "*Person*"). I know for sure somewhere this filter query is incorrect, but how can I change this to an appropriate search filter for objectcategory ?
I'm using a join on the two filters:-
filter = Net::LDAP::Filter.join(x, y)
How can I change the filter query "y" to give me faster search results ?
Also, I'm not sure if scope option as part of the [search method][2] can help me further optimize my query. Can you please throw some light on the usage of this as well ?
Thanks.
[1]: http://net-ldap.rubyforge.org/Net/LDAP/Filter.html [2]: http://net-ldap.rubyforge.org/Net/LDAP.html
