Simple query
$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(cn=TestUser1)"Multiple filters for more accurate search results
$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(&(cn=TestUser)(ou=TestOU))"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(&(cn=TestUser)(o=TestOrg))"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(&(cn=TestUser)(ou=TestOU)(ou=TestOU))"Single wildcard in query filters
$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(cn=*abc)"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(&(cn=TestUser*)(ou=TestOU))"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(&(cn=TestUser*)(o=TestOrg))"Two wildcard queries
Note
Use to search on text in the middle of a string, with wildcards at the start and end.
$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(cn=*abc*)"$Block three or more wildcards
$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub"(cn=a*bc*d*)"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(cn=*a*b*c)"The LDAP server supports objectClasses pkiUser or pkiUserData for end user certificates and pkiCA or pkiCAData for CAs.Queries for end user certificates may include filters like (|(objectClass=pkiUser)(objectClass=pkiUserData)).
User certificate search
$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(&(cn=Test*)(|(objectClass=pkiUser)(objectClass=pkiUserData)))"CA certificate search
$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(&(cn=TEST CA*)(|(objectClass=pkiCA)(objectClass=pkiCAData)))"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(&(cn=Test*)(cn=User*))"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b "" -s sub "(cn=Test*)" "usercertificate;binary"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b "cn=TEST CA LDAP" "cacertificate;binary"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b "cn=TEST CA LDAP" "certificaterevocationlist;binary"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(cn=*)"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub"(cn=a*)"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(cn=*ab*)"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(cn=*ab)"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(cn=*a)"$ ldapsearch -h directory.one.digicert.com -p 389 -x -b"" -s sub "(cn=*a*b)"