如何編寫搜索過濾器以在LDAP中搜索手機號碼或電話號碼？

Question

我想使用搜索過濾器來查詢LDAP。爲了連接到LDAP服務器，我使用了node.js.

我可以使用搜索過濾器在LDAP中搜索任何名稱。但是當我嘗試搜索任何手機號碼或電話號碼時，我收到錯誤：request timeout (client interrupt)。

這裏是Node.js的代碼時，我搜索了名的作品：

var ldap = require('ldapjs'); 
var sys = require('sys'); 
var assert = require('assert-plus'); 

var username = 'XXXXXXX'; 
var password = 'XXXXXXX'; 
var domain = "cts.com"; 
var searchBase = 'dc=cts,dc=com'; 


var client = ldap.createClient({ 
    url: 'ldap://myipaddress:portnumber', 
    bindDN: "cts.com", 
    timeout: 5000, 
    connectTimeout: 10000 
}); 

client.bind('cts\\'+username, password, function (err) { 
    if (err) { 
     console.log(err); 
     client.unbind(function (err) { 
      console.log('3'); 
      if (!err) { 
       console.log('successfully unbind'); 
      } 
      else { 
       console.log(err); 
      } 
     }); 
    } else { 
     console.log('authenticated'); 
     var searchResult = search(); 
    } 
}); 

function search(){ 
    var opts = { 
     filter:'(sAMAccountName='+username+')', 
     scope: 'sub', 
     attributes: ['sAMAccountName','name','givenName','distinguishedName','displayName','cn','sn', 
        'mail','title','description','department','company','manager', 
        'telephoneNumber','mobile','co','c','l','st','postalCode'], 
    }; 

    client.search(searchBase, opts, function(err, res) { 
     assert.ifError(err); 

     res.on('searchEntry', function(entry) { 
      console.log('searchEntry'); 
      var user = entry.object; 
      console.log(user.objectGUID); 
      if(entry.object){ 
       console.log('entry: %j ' + JSON.stringify(entry.object)) 
      } 
     }); 
     res.on('searchReference', function(referral) { 
      console.log('searchReference'); 
      console.log('referral: ' + referral.uris.join()); 
     }); 
     res.on('error', function(err) { 
      console.error('error: ' + err.message); 
     }); 
     res.on('end', function(result) { 
      console.log('status: ' + result.status); 
      return result;  
     }); 
    }); 
} 

結果運行在命令提示符上面的代碼後，我得到的是：

 
authenticated 
undefined 
searchEntry 
undefined 

entry: %j {"dn":"CN=anyname,OU=Users,OU=DLF,OU=Chennai,OU=India,OU=APAC,OU=mycompanyname,DC=cts,DC=com","controls":[],"cn":"name","sn":"K-5","c":"IN","l":"C 
    hennai","st":"TN","title":"Developer","description":"Associate","postalCode":"600089","telephoneNumber":"123455","givenName":"XXXXXXXXX","distinguis 
    hedName":"CN=XXXXXXXX,OU=Users,OU=DLF,OU=Chennai,OU=India,OU=APAC,OU=Cognizant,DC=cts,DC=com","displayName":"XXXXXXXX","co":"IND","department":"Mobility-MM","company":"Any Company Name","name":"anyname","sAMAccountName":"employeeID","mail":"mailid@gmail.com","mobile":"999-091-3918" 
} 

下一頁我需要搜索LDAP「移動」字段。所以我做的是，我重寫搜索過濾器爲

var searchNumber = '999-091-3918'; 

var opts = { 
     filter:'(mobile='+searchNumber+')', 
     scope: 'sub', 
     attributes: ['sAMAccountName','name','givenName','distinguishedName','displayName','cn','sn', 
        'mail','title','description','department','company','manager', 
        'telephoneNumber','mobile','co','c','l','st','postalCode'], 
    }; 

並運行代碼。

這次我得到error request timeout (client interrupt)。任何人都可以幫助我如何在LDAP中編寫移動和電話號碼的搜索過濾器？

Answer 1

您必須在LDAP過濾器字符串中轉義搜索值，因爲(或)等字符具有特殊含義，並且在未轉義時會中斷過濾器。

LDAP過濾器字符串的字符轉義模式是"\"和字符的十六進制代碼。 "("將是"\28"。

另見http://msdn.microsoft.com/en-us/library/aa746475.aspx，部分「特殊字符」

所以，你的過濾器應該是（當然這適用於所有其他領域，如「名」也一樣）：

var opts = { 
     filter:'(mobile=' + ldapFilterEscape(searchNumber) + ')', 
     // etc, etc 
    }; 

其中ldapFilterEscape是

function ldapFilterEscape(str) { 
    return str.replace(/[*()\\\/]/g, function ($0) { 
     return "\\" + $0.charCodeAt(0).toString(16); 
    }); 
}