I am trying to create LDAP Filter that search by part of DN-String in attribute.

If I filter with Full string, It works fine, for example:

attrName:dn:=full_value

But if I search by part of text with *, it is Invalid:

attrName:dn:=value*

How can I filter a DN-String attribute by part of text?

There is no substring match rule for distinguishedName that I am aware of.

RFC 4517 defines the distinguishedNameMatch rule as only as an equality matching rule.