ldap experts: how to get a list of groups a user is a member
of within the entire forest?
Luke Howard
lukeh at PADL.COM
Fri May 9 00:38:01 GMT 2003
>Yes, this filter is better. The result is a list of groups the user is a
>direct member of. But it does not list nested groups. I guess if groupA is
>a member of groupB, user chere is a member of groupA, I want a query on group
>membership of user chere, both groupA and groupB should be listed.
The tokenGroups attribute of a user contains an expanded list of
nested groups.
>domain. Is this all normal? Why do I have to use
>(member=cn=chere,cn=users,dc=zhou,dc=com), instead of (member=cn=chere,*)?
>Well, the (member=cn=chere,*) does not work, I don't know why.
There is no substring matching rule for distinguished names.
-- Luke
--
Luke Howard | PADL Software Pty Ltd | www.padl.com
More information about the samba-technical
mailing list