Page created: 6 Nov 2019
|
Page updated: 25 Mar 2020
Soft-deleted entries are excluded from normal LDAP searches because they represent "deleted"
entries. The ldapsearch tool has been updated to support these types of
searches. If you want the option to search for soft-deleted entries, there are three ways to do
so:
- Base-Level Search on a Soft-Deleted entry by DN. Use ldapsearch and specify the base DN of the specific soft-deleted entry that you are searching for.
-
Filtered Search by
ds-soft-delete-entry
object class. To search for all soft-deleted entries, use ldapsearch with a filter on theds-soft-delete-entry
objectclass. -
Soft-Delete-Entry-Access Control. You can use the Soft Delete Entry Access Control
with the LDAP search to return soft-deleted entries. The ldapsearch tool
provides a shortcut option,
--includeSoftDeletedEntries
, that sends the control to the server for processing. The control allows for the following search possibilities:- Return only soft-deleted entries.
- Return non-deleted entries along with soft-deleted entries.
- Return only soft-deleted entries in undeleted form.