     ldapsearchprefs.conf - configuration file  for  LDAP  search
     preference routines


     The  ldapsearchprefs.conf file contains information used  by
     LDAP  when  searching  the  directory. Blank lines and lines
     that start with a hash ('#') character are treated  as  com-
     ments  and  ignored.   Non-comment lines contain one or more
     tokens.  Tokens are separated by  white  space,  and  double
     quotes can be used to include white space inside a token.

     Search preferences are typically used by  LDAP-based  client
     programs to specify what a user may search for, which attri-
     butes are searched, and which options are available  to  the

     The first non-commment line specifies  the  version  of  the
     template information and must contain the token Version fol-
     lowed by an integer version number.  For example:

     Version 1

     The current version is 1, so the above example is always the
     correct opening line.

     The remainder of the file consists of  one  or  more  search
     preference  configurations.  The  first  line  of  a  search
     preference is a human-readable name for the type  of  object
     being  searched  for, for example  People or  Organizations.
     This name is stored in the so_objtypeprompt  member  of  the
     ldap_searchobj  structure (see ldap_searchprefs(3LDAP)). For


     specifies a label for a search preference designed  to  find
     X.500  entries for people.

     The next line specifies a list of options  for  this  search
     object.   The  only  option  currently allowed is "internal"
     which means that this search object should not be  presented
     directly  to  a  user.  Options are placed in the so_options
     member of the ldap_searchobj structure  and  can  be  tested
     using  the   LDAP_IS_SEARCHOBJ_OPTION_SET() macro. Use "" if
     no special options are required.

     The next line specifes a label to use  for  "Fewer  Choices"
     searches.   "Fewer  Choices"  searches  are  those where the

     user's input is fed to the ldap_filter routines to determine
     an   appropriate   filter   to  use.   This  contrasts  with
     explicitly-constructed  LDAP  filters,  or  "More   Choices"
     searches,  where  the  user can explicitly construct an LDAP

     For example:

     "Search For:"

     can be used by LDAP client programs to label the field  into
     which the user can type a "Fewer Choices" search.

     The next line specifies an LDAP filter prefix to  append  to
     all  "More  Choices"  searched.   This  is typically used to
     limit the types of entries returned to  those  containing  a
     specific object class.  For example:


     would cause only entries containing the object class  person
     to  be  returned  by a search.  Note that parentheses may be
     unbalanced here, since this  is  a  filter  prefix,  not  an
     entire filter.

     The next line is an LDAP filter tag which specifies the  set
     of LDAP filters to be applied for "Fewer Choices" searching.
     The line


     would tell the client program to use the set of LDAP filters
     from  the  ldap  filter  configuration  file  tagged  "x500-

     The next line specifies an LDAP  attribute  to  retrieve  to
     help  the  user choose when several entries match the search
     terms specified.  For example:


     specifies that if more than one  entry  matches  the  search
     criteria,  the  client  program  should  retrieve the  title
     attribute that and present that to the user to allow them to
     select  the  appropriate  entry.  The  next line specifies a
     label for the above attribute, for example,


     Note that  the  values  defined  so  far  in  the  file  are
     defaults,  and  are  intended   to   be  overridden  by  the
     specific search options that follow.

     The next line specifies the scope of the LDAP search  to  be
     performed.  Acceptable  values  are  subtree,  onelevel, and

     The next section is a list of "More Choices" search options,
     terminated  by  a  line containing only the string  END. For

     "Common Name"  cn   11111     ""   ""
     "Surname" sn   11111     ""   ""
     "Business Phone"    "telephoneNumber"   11101     ""   ""

      Each line represents one  method  of  searching.   In  this
     example, there are three ways of searching - by Common Name,
     by Surname, and by Business Phone number.  The  first  field
     is  the  text which should be displayed to user.  The second
     field is the attribute which will be  searched.   The  third
     field  is  a bitmap which specifies which of the match types
     are permitted for this search type.  A "1" value in a  given
     bit  position  indicates  that  a  particular  match type is
     valid, and a "0" indicates that is it not valid.  The fourth
     and  fifth  fields  are,  respectively, the select attribute
     name and on-screen name for the selected  attribute.   These
     values are intended to  override the defaults defined above.
     If no specific values are specified,  the   client  software
     uses the default values above.

     The next section is a list of  search  match  options,  ter-
     minated  by  a a line containing only the string  END. Exam-

     "exactly matches"   "(%a=%v))"
     "approximately matches"  "(%a~=%v))"
     "starts with"  "(%a=%v*))"
     "ends with"    "(%a=*%v))"
     "contains"     "(%a=*%v*))"

     In this example, there are five ways of refining the search.
     For  each  method,  there  is an LDAP filter suffix which is
     appended to the ldap filter.

     Example 1: A Sample Configuration  Using  Search  Preference
     for "people"

     The following example illustrates one possible configuration
     of search preferences for "people".

     # Version number
     Version 1

     # Name for this search object
     # Label to place before text box user types in
     "Search For:"
     # Filter prefix to append to all "More Choices" searches
     # Tag to use for "Fewer Choices" searches - from ldapfilter.conf file
     # If a search results in > 1 match, retrieve this attribute to help
     # user distinguish between the entries...
     # ...and label it with this string:
     # Search scope to use when searching
     # Follows a list of "More Choices" search options.  Format is:
     # Label, attribute, select-bitmap, extra attr display name, extra attr ldap name
     # If last two are null, "Fewer Choices" name/attributes used
     "Common Name"                   cn                 11111  ""  ""
     "Surname"                       sn                 11111  ""  ""
     "Business Phone"                "telephoneNumber"  11101  ""  ""
     "E-Mail Address"                "mail"             11111  ""  ""
     "Uniqname"                      "uid"              11111  ""  ""
     # Match types
     "exactly matches"               "(%a=%v))"
     "approximately matches"         "(%a~=%v))"
     "starts with"                   "(%a=%v*))"
     "ends with"                     "(%a=*%v))"
     "contains"                      "(%a=*%v*))"

     In this example, the user may search for People.  For "fewer
     choices" searching, the tag for the  ldapfilter.conf(4) file
     is "x500-People".

     See attributes(5) for a description of the following  attri-

    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    | Availability                | SUNWlldap (32-bit)          |
    |                             | SUNWldapx (64-bit)          |
    | Stability Level             | Evolving                    |

