An operator is a symbol specifying an action that is performed on one or several expressions. The following operators are defined in LDAP-SQL:
Arithmetic Operators
| Operator | Description |
|---|---|
| + |
Addition Syntax expression + expression |
| - |
Subtraction Syntax expression - expression |
| * |
Multiplication Syntax expression * expression |
| / |
Division Syntax expression / expression |
Prolonging the value of the accountExpires attribute for 5 days:
UPDATE "CN=John Doe,DC=company" SET $accountExpires = $accountExpires + interval '5 days' SCOPE BASE
Increase the value of the minPwdLength attribute in 3 times:
UPDATE "DC=company,DC=com" SET $minPwdLength = $minPwdLength * 3
Logical OperatorsLogical operators test for the truth of some condition. Logical operators, like comparison operators, return a Boolean data type with a value of TRUE or FALSE.
| Operator | Description |
|---|---|
| AND |
Combines two logical expressions and returns TRUE,
if both expressions are TRUE. Otherwise, FALSE is returned.
Syntax boolean_expression AND boolean_expression |
| OR |
TRUE, if one of boolean expressions is TRUE. Otherwise,
returns FALSE. Syntax boolean_expression AND boolean_expression |
| NOT |
Negates a boolean expression Syntax NOT boolean_expression |
| EXISTS |
TRUE, if the requested attribute is defined. Syntax EXISTS attribute_name |
| IS [NOT] NULL |
TRUE is returned, if the value
is [not] equal to NULL. Otherwise, returns FALSE.
Syntax attribute_name IS [NOT] NULL |
boolean_expression - any acceptable boolean expression, the result of which is TRUE or FALSE.
attribute_name - name of the LDAP attribute.
Search for all users with mail attribute.
SELECT * FROM "OU=Managers,DC=company"
WHERE $objectClass='user' AND $objectCategory='Person'
AND EXISTS $mail
Find all users and computers.
SELECT * FROM "OU=Managers,DC=company"
WHERE $objectClass='user' AND $objectCategory='Person'
OR $objectClass='computer'
Search for all objects of class room with the roomNumber attribute specified.
SELECT * FROM "OU=Managers,DC=company" WHERE $objectClass='room' AND $roomNumber IS NOT NULL
Comparison OperatorsWith the help of comparison operators, you can compare two values. LDAP-SQL comparison operators are listed in the table below:
| Operator | Description |
|---|---|
| = | Is equal |
| > | Is greater |
| < | Is less |
| >= | Is greater or equal |
| <= | Is less or equal |
| != | Not equal |
| <> | Not equal |
expression - any acceptable expression. If expressions refer to different data types, data type of one expression must be implicitly available for converting into the data type of another expression.
operator - any comparison operator.
Search for all objects of class computer created from 2009-02-03 till 2010-11-25.
SELECT * FROM "DC=company,DC=com"
WHERE $objectClass='computer 'AND
$whenCreated >= '2009-02-03' AND $whenCreated <= '2010-11-25'
Search for all users whose givenName attribute is set to Jason.
SELECT * FROM "OU=Users,DC=company"
WHERE $objectClass='user' AND $objectCategory='Person'
AND $givenName = 'Jason'
String Join OperatorThe double-pipe symbol (||) is a string join operator. All other operations with strings are made with the help of string functions.
Joining three strings and assigning them to the description LDAP attribute.
UPDATE "CN=John Doe,DC=company" SET $description= 'John Doe' || ' - ' || 'Sales department'
Joining two LDAP attributes and assigning them to the description attribute.
UPDATE "CN=John Doe,DC=company" SET $description= $givenName || $mail