LDAP Search with Wild Card for ACF2


Article ID: 194880


Updated On:


CA ACF2 CA ACF2 - DB2 Option CA ACF2 for zVM CA ACF2 - z/OS CA ACF2 - MISC CA LDAP Server for z/OS CA PAM Client for Linux for zSeries CA Web Administrator for Top Secret


What ldapsearch request can be used to list all users that have a value in a particular field of the ACF2  Logonid record.
for example... list all logonids with an acc-srce that includes 0A


Release : 16.0

Component : CA LDAP Server for z/OS


The following ldapsearch command will  return a list of all logonids that contain 0A in the ACC-SRCE field

./ldapsearch -x -D cn=ADMIN01 -w pswd -h systema.company.com -p 389  -b "acf2admingrp=lids, host=sysa.company.com,o=name,c=us"  "AccessSource=*0A*"  "AccessSource"          

# USER01, lids, suffix                      
dn: acf2lid=USER01,acf2admingrp=lids,suffix                                                                    

AccessSource: 0A123456             

 # USER02, lids, suffix                      
dn: acf2lid=USER02,acf2admingrp=lids,suffix                                                                    

AccessSource: 560A568024 


Unfortunately, this command does not only show entries that BEGIN with 0A, it will also show entries that CONTAIN the value 0A.
There is no command available to just show "begins with..."