Searches and retrieves information from the specified LDAP directory


CALL LDAPS_SEARCH(lHandle, sHandle, filter, attributes, numEntries, rc);

Required Arguments

specifies the connection handle that is returned by the LDAPS_OPEN CALL routine. The connection handle identifies the open connection to use when searching the LDAP server.
Type:Numeric, Input
returns the search handle that identifies the list of entries returned in the search. The search handle is used in subsequent CALL routines to access the search results. The search handle remains valid until it is closed with the LDAPS_FREE or LDAPS_CLOSE CALL routine.
Type:Numeric, Output
specifies search criteria that determine that the entries are to be added to the entry list that is returned by the search.
Type:Numeric, Input
specifies the attributes to return along with each entry that matches the search criteria. If more than one attribute is specified, then the attributes must be separated by blank spaces, as follows:
attrs = objectclass sasdeliverytransport sasnamevalueinclusionfilter;
Specifying a null string indicates that all available attributes are to be returned, as follows:
attrs =
Type:Character, Input
returns the total number of result entries found during the search.
Type:Numeric, Output
receives a return code that indicates success or failure.
Type:Numeric, Output


The LDAPS_SEARCH CALL routine selects and retrieves entries from a specified LDAP directory. A search handle is returned so that information about specific entries and attributes can be obtained. The search information that is identified by the search handle can be used until it is explicitly freed using the LDAPS_FREE CALL routine or until the connection is closed using the LDAPS_CLOSE CALL routine.
Note: For Microsoft Active Directory servers, the maximum number of attributes that can be returned is limited. You can use a technique called range retrieval to work around this issue. For more information, see http://msdn.microsoft.com/en-us/library/aa367017.aspx in the Microsoft Developer Network library. The LDAPS_SEARCH CALL routine should not be used to retrieve internal attributes from a Microsoft Active Directory server.


Example 1

The following example returns a list of entries on the LDAP server that match the values of the specified filter. The list of entries returned from the search includes the values of two attributes for each matching entry.
attrs=description objectclass;
call LDAPS_SEARCH(lhandle, sHandle, filter, attrs, numEntries, rc);

Example 2

The following example prints to the SAS log the names and values of all attributes in all entries in a given LDAP directory.
call LDAPS_SEARCH(lhandle, sHandle, filter, attribs, numEntries, rc);
do entryIndex = 1 to numEntries;

   numAttributes = 0;

   /* retrieve entry indexed by integer entryIndex */
   call ldaps_entry(sHandle, entryIndex, entryName, numAttributes, rc);
   put 'Entry name is ' entryName;
   put 'Number of attributes returned is ' numAttributes;

   do attrIndex = 1 to numAttributes;
      call ldaps_attrname
         (sHandle,entryIndex, attrIndex, attribName, numValues, rc);

      do attrValueIndex = 1 to numValues;
         call ldaps_attrvalue
            (sHandle, entryIndex, attrindex, attrValueIndex, value, rc);
         put Attribute value is value;