AND Operation:
(& (...K1...) (...K2...)) or with more than two criteria:(&(...K1...)(...K2...)(...K3...)(...K4...))
OR Operation:
(| (...K1...)(...K2...)) or with more than two criteria:(|(...K1...)(...K2...)(...K3...)(...K4...))
Nested Operation:
Every AND/OR operation can also be understood as a single criterion:
(|(& (...K1...)(...K2...))(&(...K3...)(...K4...))) means:(K1 AND K2) OR (K3 AND K4)
The search criteria consist of a requirement for an LDAP attribute, e.g. (givenName=Sandra). Following rules should be considered:
Equality: (attribute=abc) , e.g. (&(objectclass=user)(displayName=Foeckeler)
Negation: (!(attribute=abc)) , e.g. (!objectClass=group)
Presence: (attribute=*) , e.g. (mailNickName=*)
Absence: (!(attribute=*)) , e.g. (!proxyAddresses=*)
Greater than: (attribute>=abc) , e.g. (mdbStorageQuota>=100000)
Less than: (attribute<=abc) , e.g. (mdbStorageQuota<=100000)
Proximity: (attribute~=abc) , e.g. (displayName~=Foeckeler) Caution: ~= is treated as = in ADS environments !!
Wildcards: e.g. (sn=F*) or (mail=*@cerrotorre.de) or (givenName=*Paul*)
More information