如何编写搜索过滤器以在LDAP中搜索手机号码或电话号码？

Question

我想使用搜索过滤器来查询LDAP。为了连接到LDAP服务器，我使用了node.js.

我可以使用搜索过滤器在LDAP中搜索任何名称。但是当我尝试搜索任何手机号码或电话号码时，我收到错误：request timeout (client interrupt)。

这里是Node.js的代码时，我搜索了名的作品：

var ldap = require('ldapjs'); 
var sys = require('sys'); 
var assert = require('assert-plus'); 

var username = 'XXXXXXX'; 
var password = 'XXXXXXX'; 
var domain = "cts.com"; 
var searchBase = 'dc=cts,dc=com'; 


var client = ldap.createClient({ 
    url: 'ldap://myipaddress:portnumber', 
    bindDN: "cts.com", 
    timeout: 5000, 
    connectTimeout: 10000 
}); 

client.bind('cts\\'+username, password, function (err) { 
    if (err) { 
     console.log(err); 
     client.unbind(function (err) { 
      console.log('3'); 
      if (!err) { 
       console.log('successfully unbind'); 
      } 
      else { 
       console.log(err); 
      } 
     }); 
    } else { 
     console.log('authenticated'); 
     var searchResult = search(); 
    } 
}); 

function search(){ 
    var opts = { 
     filter:'(sAMAccountName='+username+')', 
     scope: 'sub', 
     attributes: ['sAMAccountName','name','givenName','distinguishedName','displayName','cn','sn', 
        'mail','title','description','department','company','manager', 
        'telephoneNumber','mobile','co','c','l','st','postalCode'], 
    }; 

    client.search(searchBase, opts, function(err, res) { 
     assert.ifError(err); 

     res.on('searchEntry', function(entry) { 
      console.log('searchEntry'); 
      var user = entry.object; 
      console.log(user.objectGUID); 
      if(entry.object){ 
       console.log('entry: %j ' + JSON.stringify(entry.object)) 
      } 
     }); 
     res.on('searchReference', function(referral) { 
      console.log('searchReference'); 
      console.log('referral: ' + referral.uris.join()); 
     }); 
     res.on('error', function(err) { 
      console.error('error: ' + err.message); 
     }); 
     res.on('end', function(result) { 
      console.log('status: ' + result.status); 
      return result;  
     }); 
    }); 
} 

结果运行在命令提示符上面的代码后，我得到的是：

 
authenticated 
undefined 
searchEntry 
undefined 

entry: %j {"dn":"CN=anyname,OU=Users,OU=DLF,OU=Chennai,OU=India,OU=APAC,OU=mycompanyname,DC=cts,DC=com","controls":[],"cn":"name","sn":"K-5","c":"IN","l":"C 
    hennai","st":"TN","title":"Developer","description":"Associate","postalCode":"600089","telephoneNumber":"123455","givenName":"XXXXXXXXX","distinguis 
    hedName":"CN=XXXXXXXX,OU=Users,OU=DLF,OU=Chennai,OU=India,OU=APAC,OU=Cognizant,DC=cts,DC=com","displayName":"XXXXXXXX","co":"IND","department":"Mobility-MM","company":"Any Company Name","name":"anyname","sAMAccountName":"employeeID","mail":"mailid@gmail.com","mobile":"999-091-3918" 
} 

下一页我需要搜索LDAP“移动”字段。所以我做的是，我重写搜索过滤器为

var searchNumber = '999-091-3918'; 

var opts = { 
     filter:'(mobile='+searchNumber+')', 
     scope: 'sub', 
     attributes: ['sAMAccountName','name','givenName','distinguishedName','displayName','cn','sn', 
        'mail','title','description','department','company','manager', 
        'telephoneNumber','mobile','co','c','l','st','postalCode'], 
    }; 

并运行代码。

这次我得到error request timeout (client interrupt)。任何人都可以帮助我如何在LDAP中编写移动和电话号码的搜索过滤器？

Answer 1

您必须在LDAP过滤器字符串中转义搜索值，因为(或)等字符具有特殊含义，并且在未转义时会中断过滤器。

LDAP过滤器字符串的字符转义模式是"\"和字符的十六进制代码。 "("将是"\28"。

另见http://msdn.microsoft.com/en-us/library/aa746475.aspx，部分“特殊字符”

所以，你的过滤器应该是（当然这适用于所有其他领域，如“名”也一样）：

var opts = { 
     filter:'(mobile=' + ldapFilterEscape(searchNumber) + ')', 
     // etc, etc 
    }; 

其中ldapFilterEscape是

function ldapFilterEscape(str) { 
    return str.replace(/[*()\\\/]/g, function ($0) { 
     return "\\" + $0.charCodeAt(0).toString(16); 
    }); 
}