Better way to query an LDAP users via ruby net-ldap?

Is there a better way to search for users and computers specifically using the Net-ldap gem?

Here is what I am currently having to do to get only users.

results = search :base => @base, :filter => Net::LDAP::Filter.eq("cn", "*")
  @results = Array.new

  results.each do |result|
    @results.push result if result[:objectclass].include? "person" unless result[:objectclass].include? "computer"

Seems like there would be a better way. I can开发者_StackOverflow't see anything obvious in the documentation.

You can use the Join filter functionality of net-ldap:

filter = Net::LDAP::Filter.eq("sAMAccountName", "*")
filter2 = Net::LDAP::Filter.eq("objectCategory", "organizationalPerson")

joined_filter = Net::LDAP::Filter.join(filter, filter2)

ldap.search(:base => treebase, :filter => joined_filter) do |entry|
    puts entry.sAMAccountName
end

If you know the objectClass that is used for persons, you could use the filter '(objectClass=person)', replacing 'person' with the objectClass. Most implementations will use 'person' or an objectClass that inherits from 'person' such as 'inetOrgPerson'. Using the filter '(cn=*)' will most likely get entries that are not persons.

Try using Filter.eq("objectClass","person")