starred/lldap-lldap

Fork 0

mirror of https://github.com/lldap/lldap.git synced 2026-04-25 08:15:52 +03:00

[GH-ISSUE #1133] [FEATURE REQUEST] Search multi-valued custom attributes #405

New issue

Open

opened 2026-02-27 08:17:07 +03:00 by kerem · 6 comments

kerem commented

2026-02-27 08:17:07 +03:00

Owner

Originally created by @nitnelave on GitHub (Mar 29, 2025).
Original GitHub issue: https://github.com/lldap/lldap/issues/1133

Motivation
Examples: mail aliases for stalwart.
Substring searches in aliases for domain matching.

Describe the solution you'd like
Ability to search multi valued attributes, as well as doing substring matches, or date/integer comparisons.

Describe alternatives you've considered
Sometimes you can use alias1, alias2 and so on. But some systems have unbounded number of aliases, or require wildcards, which are not feasible.
We could also auto-create the attributes with a plugin, and modify the filters with the plugin, but it's a hacky way.

Originally created by @nitnelave on GitHub (Mar 29, 2025). Original GitHub issue: https://github.com/lldap/lldap/issues/1133 **Motivation** Examples: mail aliases for stalwart. Substring searches in aliases for domain matching. **Describe the solution you'd like** Ability to search multi valued attributes, as well as doing substring matches, or date/integer comparisons. **Describe alternatives you've considered** Sometimes you can use alias1, alias2 and so on. But some systems have unbounded number of aliases, or require wildcards, which are not feasible. We could also auto-create the attributes with a plugin, and modify the filters with the plugin, but it's a hacky way.

kerem added the

labels

2026-02-27 08:17:07 +03:00

kerem commented

2026-02-27 08:17:08 +03:00

Author

Owner

@rhclayto commented on GitHub (Apr 10, 2025):

Oh wow, I just saw this. Just came here to ask about a problem I've been trying to debug. It's this. I'm hoping to switch from OpenLDAp to lldap, but my Postfix configuration uses LDAP queries for aliases stored in multi-value attributes. So I guess this isn't going to work for me just yet.

Any timeline on this?

PS: I also used substring searches, but I managed to work around not having those (which I saw was the case in another issue). Would be a great bonus to have those too.

@rhclayto commented on GitHub (Apr 10, 2025): Oh wow, I just saw this. Just came here to ask about a problem I've been trying to debug. It's this. I'm hoping to switch from OpenLDAp to lldap, but my Postfix configuration uses LDAP queries for aliases stored in multi-value attributes. So I guess this isn't going to work for me just yet. Any timeline on this? PS: I also used substring searches, but I managed to work around not having those (which I saw was the case in another issue). Would be a great bonus to have those too.

kerem commented

2026-02-27 08:17:08 +03:00

Author

Owner

@nitnelave commented on GitHub (Apr 10, 2025):

Are you sure you can't make it work with alias1, alias2 and so on? It's not the prettiest, but it works.

As for the timeline, I could tell you it would take a week of free time to do this, but I can't tell you when that would be :)

@nitnelave commented on GitHub (Apr 10, 2025): Are you sure you can't make it work with alias1, alias2 and so on? It's not the prettiest, but it works. As for the timeline, I could tell you it would take a week of free time to do this, but I can't tell you when that would be :)

kerem commented

2026-02-27 08:17:08 +03:00

Author

Owner

@rhclayto commented on GitHub (Apr 11, 2025):

I will contribute configuration instructions for Postfix & Dovecot whenever you have time to add this in.

@rhclayto commented on GitHub (Apr 11, 2025): I will contribute configuration instructions for Postfix & Dovecot whenever you have time to add this in.

kerem commented

2026-02-27 08:17:08 +03:00

Author

Owner

@rhclayto commented on GitHub (Jan 21, 2026):

Hi. Just following up. I would still love to see this, but of course, not meaning to pester. I wish I knew Rust so I could help out.

@rhclayto commented on GitHub (Jan 21, 2026): Hi. Just following up. I would still love to see this, but of course, not meaning to pester. I wish I knew Rust so I could help out.

kerem commented

2026-02-27 08:17:08 +03:00

Author

Owner

@jprjr commented on GitHub (Jan 25, 2026):

Hi there, I ran into this issue as well. My use-case is I'm building an app that allows users to upload client TLS certificates and authenticate with those.

My plan was to use a multi-value attribute to store certificate fingerprints. I think I could do a work-around of something like (|(certfp1=xxx)(certfp2=xxx)) but - it would be very convenient to search on just a single attribute.

@jprjr commented on GitHub (Jan 25, 2026): Hi there, I ran into this issue as well. My use-case is I'm building an app that allows users to upload client TLS certificates and authenticate with those. My plan was to use a multi-value attribute to store certificate fingerprints. I think I could do a work-around of something like `(|(certfp1=xxx)(certfp2=xxx))` but - it would be very convenient to search on just a single attribute.

kerem commented

2026-02-27 08:17:08 +03:00

Author

Owner

@necroware commented on GitHub (Jan 31, 2026):

Same problem here. Added mailalias as List attribute to my users. Now if I have up to 1 alias and use ldapsearch with filter mailalias=alias@example.com it works fine. As soon as I add second mailalias entry the filter stops working completely. Not even for the first entry. I guess, this is a bug :)

@necroware commented on GitHub (Jan 31, 2026): Same problem here. Added mailalias as List<String> attribute to my users. Now if I have up to 1 alias and use ldapsearch with filter mailalias=alias@example.com it works fine. As soon as I add second mailalias entry the filter stops working completely. Not even for the first entry. I guess, this is a bug :)

kerem referenced this issue

2026-02-27 09:09:33 +03:00

[PR #425] [MERGED] server: update sea-orm dependency #734