If you want to find one or more objects in the directory with specific criteria, you have to perform an LDAP search. This can be done by selecting any container object (in the treeview panel or the object list) and pressing CTRL-F or using the menu option Edit - Search. If you do so, the Search dialog is shown.
The Search dialog gives you two choices:
This search lets you find an object quickly by it's name. Just enter the name to search for in the text box and press the Start Search button. Actually, LEX is performing here an LDAP search with complex filter as well if you use this option. But you just have to enter a string and the technical filter string is built internally by LEX. The following rules are in place here:
Active Directory environments: If you enter 'xyz' in the text box, LEX uses internally the following LDAP filter string: (anr=xyz). This is a special 'ambiguous name resolution' (ANR) filter for AD, it is also used if you search for email recipients in Outlook, for example. It is very (!) fast, because this filter is hard coded in the AD LDAP server. ANR filters include the object's relative distinguished name and the following attributes into the object internal search: givenName, sn, displayName, legayExchangeDN, proxyAddresses and physicalDeliveryOfficeName. Unfortunately, the users logon names (userPrincipalName and sAMAccountName) are not included, if you want to search for them, you have to use the Complex Search.
Other LDAP environments: If you enter 'xyz' in the text box, LEX uses internally the following LDAP filter string: (|(cn=*xyz*)(ou=*xyz*)(name=*xyz*)(uid=*xyz*)(fullname=*xyz*)(mail=*xyz*)
Exchange 5.5 environments: If you enter 'xyz' in the text box, LEX uses internally the following LDAP filter string: (|(cn=*xyz*)(ou=*xyz*)(rdn=*xyz*)(uid=*xyz*)(mail=*xyz*))
This search lets you perform a search with any valid LDAP filter. The text box for the LDAP search filter string is pre-filled with the content of the LEX Filter Factory, the place where filters can be easily constructed and stored. If you are not familiar with the LDAP filter syntax, read the manual topic about Building LDAP Filters first.
For manipulating the search filter in the Complex Search, you have the following buttons available:
Construct: This opens the Filter Constructor dialog for the current LDAP filter string in the text box. You can build even complex filters conveniently with a GUI dialog here.
Save Filter: You can save the current filter string into a text file, which can be loaded easily later on if you need it again. LEX stores the appropriate filter files in the Profile and Filter Storage Path in the subdirectory 'LDAPFilter' as text files.
Load Filter: You can load a previously saved filter here. LEX stores the appropriate filter files in the Profile and Filter Storage Path in the subdirectory 'LDAPFilter' as text files. When you use the pull down menu of this button, LEX searches this subdirectory for files and gives you the possibility to immediately load the filters without any further dialog action. Even if you never saved an LDAP filter before, there should be some filter examples which were installed together with the application.
You can structure your filter set into different categories by just saving the filters in different sub directories. LEX detect these sub directories with the filter files and shows them as a sub menu structure:
Start Search: This initiates the search operation on the directory.
If you have a list of object names, or mail adresses, or logon names ( either in a text editor, or in an Excl sheet), you can search for the obejcts with the regarding properties very easily here. Just get the entire list into the windows clipboard and paste the clipboard content into the Complex Search field in the Search Dialog window:
Immediately after that you will be asked what attributes these inserted strings are representing. You cn choose from the list of schema attributes or you could just tpe in the attribute name. If your list for example contains logon names of Active Directory users, you should choose "sAMAccountName" as the attribute name to built the LDAP filter. The actual filter is now constructed from the inserted list and your attribute name:
There are other topics which show details for search operations: