Running a search using the soft delete entry access control - PingDirectory - 9.3

PingDirectory 9.3

bundle
pingdirectory-93
ft:publication_title
PingDirectory 9.3
Product_Version_ce
PingDirectory 9.3 (Latest)
category
Product
pd-93
pingdirectory
ContentType_ce

The following examples use the --includeSoftDeleteEntries {with-non-deleted-entries | without-non-deleted-entries | deleted-entries-in-undeleted-form} option, which uses the soft delete entry access control.

You can use the --control option with the soft delete entry access control symbolic name, softdeleteentryaccess, or the --control option with the actual soft delete entry access control OID, 1.3.6.1.4.1.30221.2.5.24.

  1. To return only soft-deleted entries, run ldapsearch using the --includeSoftDeletedEntries option with the value of without-non-deleted-entries.
    $ bin/ldapsearch --baseDN dc=example,dc=com \ 
      --includeSoftDeletedEntries without-non-deleted-entries \ 
      --searchScope sub "(objectclass=*)"
  2. To return non-deleted entries along with soft-deleted entries, run ldapsearch using the --includeSoftDeletedEntries option with the value of with-non-deleted-entries.
    $ bin/ldapsearch --baseDN dc=example,dc=com \ 
      --includeSoftDeletedEntries with-non-deleted-entries \ 
      --searchScope sub "(objectclass=*)"
  3. To return only soft-deleted entries in undeleted form, run ldapsearch using the --includeSoftDeletedEntries option with the value of deleted-entries-in-undeleted-form.
    Some applications require access to all entries in the server, including both active and soft-deleted entries.

    The following command returns all entries that were soft-deleted but presents it in a form that is similar to a regular entry with the soft-delete DN in comments. This regular entry format does not show the actual soft-deleted DN but displays it in an "undeleted" form even though it is not actually "undeleted". The object class, ds-soft-delete-entry, is also not displayed.

    $ bin/ldapsearch --baseDN dc=example,dc=com \ 
      --includeSoftDeletedEntries deleted-entries-in-undeleted-form \
      --searchScope sub "(ds-soft-delete-from-dn=*)"  
    
    # Soft-deleted entry DN: 
    # entryUUID=2b5511e2-7616-389b-ab0c-025c805ad32c+uid=user.14,ou=People,dc=exam-
    ple,dc=com 
    dn: uid=user.14,ou=People,dc=example,dc=com 
    objectClass: top
    objectClass: person 
    objectClass: organizationalPerson 
    objectClass: inetOrgPerson 
    postalAddress: Abdalla Abdou$78929 Hillcrest Street$Elmira, ME 93080
    postalCode: 93080  
    description: This is the description for Abdalla Abdou.      
    uid: user.14
    userPassword: {SSHA}7GkzWiMiU12m5m+xBV+ZsoX3gVacMcRtSwDTFg==           
    employeeNumber: 14
    initials: AFA
    givenName: Abdalla           
    pager: +1 307 591 4870
    mobile: +1 401 069 1289           
    cn: Abdalla Abdou
    sn: Abdou
    telephoneNumber: +1 030 505 6190           
    street: 78929 Hillcrest Street
    homePhone: +1 119 487 2328
    l: Elmira
    mail: user.14@maildomain.net
    st: ME