[Samba] Group members via LDAP
Troels Arvin
troels at arvin.dk
Wed Feb 8 15:35:42 UTC 2023
Hello,
On a network, I'm using Samba as domain controller.
I've created a group "mygroup" which has three members. Those members
have "mygroup" as primary group:
===================================================
# samba-tool group listmembers mygroup
user1
user2
user3
===================================================
However, when I query Samba via LDAP, the group members don't appear:
===================================================
$ ldapsearch samaccountname=mygroup member
SASL/GSS-SPNEGO authentication started
SASL username: troels at MYDOM.ORG
SASL SSF: 256
SASL data security layer installed.
# extended LDIF
#
# LDAPv3
# base <dc=MYDOM,dc=ORG> (default) with scope subtree
# filter: samaccountname=mygroup
# requesting: member
#
# mygroup, Users, mydom.org
dn: CN=mygroup,CN=Users,DC=mydom,DC=org
# search reference
# ...
===================================================
I had expected the result to also have some "member:" lines such as:
===================================================
dn: CN=mygroup,CN=Users,DC=mydom,DC=org
member: CN=User1 Surname1,CN=users,DC=mydom,DC=org
member: CN=User2 Surname2,CN=users,DC=mydom,DC=org
member: CN=User3 Surname3,CN=users,DC=mydom,DC=org
===================================================
How can I run ldapsearch in a way where all members of the group are
shown, including users who have the group as the primary group?
--
Regards,
Troels Arvin
More information about the samba
mailing list