Page created: 4 Feb 2020 |
Page updated: 22 Jul 2020
Soft-deleted entries are excluded from normal LDAP searches because they represent "deleted" entries. The ldapsearch tool has been updated to support these types of searches. If you want the option to search for soft-deleted entries, there are three ways to do so:
- Base-Level Search on a Soft-Deleted entry by DN. Use ldapsearch and specify the base DN of the specific soft-deleted entry that you are searching for.
Filtered Search by
ds-soft-delete-entryobject class. To search for all soft-deleted entries, use ldapsearch with a filter on the
Soft-Delete-Entry-Access Control. You can use the Soft Delete Entry Access Control
with the LDAP search to return soft-deleted entries. The ldapsearch tool
provides a shortcut option,
--includeSoftDeletedEntries, that sends the control to the server for processing. The control allows for the following search possibilities:
- Return only soft-deleted entries.
- Return non-deleted entries along with soft-deleted entries.
- Return only soft-deleted entries in undeleted form.