Fwd: Samba4 how to list all members of a group

[Lukasz Zalewski]

On 16/05/12 18:50, steve wrote:
> On 04/30/2012 03:47 PM, steve wrote:
>> On 30/04/12 14:10, Lukasz Zalewski wrote:
>>> On 30/04/12 10:20, steve wrote:
>>>> Hi
>>>> Sorry to forward but I had no luck with this on the samba list.
>>>> On s4 at the cli, is it possible to get a list of members of say,
>>>> Domain
>>>> Users?
>>>> Steve
>>>>
>>>
>>> Hi Steve,
>>> For Domain Users you can try:
>>>
>>> /usr/local/samba/bin/ldbsearch -a -H /usr/local/samba/private/sam.ldb
>>> '(|(primaryGroupID=513)(memberOf=CN=Domain Users,CN=Users,DC=...))' dn
>>>
>> Hi Lukasz
>> Yes. That gets us there. Thanks.
>>
>> I can only think that this is not something I should need to do.
>>
>> Cheers,
>> Steve
> Hi
> Can anyone do any better than this mess?!
>
> function listgroup {
> #lists members of a group
> # $1 is the name of the group
> # get the gid
> strgid=$(wbinfo --group-info="$1")
> gid=$(echo $strgid | cut -d ":" -f 3)
> #get the group from the sid
> strsid=$(wbinfo --gid-to-sid=$gid)
> primarygid=$(echo $strsid | cut -d "-" -f 8)
> #$db is your ldap://fqdn and $auth if the kerberos ccacche= stuff
> ldbsearch --url=$db $auth
> "(|(primaryGroupID=$primarygid)(memberOf=CN=$1,CN=Users,$basedn))" dn |
> grep CN | cut -d ":" -f2 | cut -d "=" -f2 | cut -d "," -f1 | grep -v ldap
> }
>
> Cheers,
> Steve

Hi Steve,
the listmembers option is now part of samba-tool and members are listed 
according to their samAccountName (or cn if samAccountName attribute is 
not available):
./samba-tool group listmembers
Usage: samba-tool group listmembers <groupname> [options]

Regards

L