Fwd: Samba4 how to list all members of a group

[steve]

On 05/16/2012 08:00 PM, Lukasz Zalewski wrote:
> On 16/05/12 18:50, steve wrote:
>> On 04/30/2012 03:47 PM, steve wrote:
>>> On 30/04/12 14:10, Lukasz Zalewski wrote:
>>>> On 30/04/12 10:20, steve wrote:
>>>>> Hi
>>>>> Sorry to forward but I had no luck with this on the samba list.
>>>>> On s4 at the cli, is it possible to get a list of members of say,
>>>>> Domain
>>>>> Users?
>>>>> Steve
>>>>>
>>>>
>>>> Hi Steve,
>>>> For Domain Users you can try:
>>>>
>>>> /usr/local/samba/bin/ldbsearch -a -H /usr/local/samba/private/sam.ldb
>>>> '(|(primaryGroupID=513)(memberOf=CN=Domain Users,CN=Users,DC=...))' dn
>>>>
>>> Hi Lukasz
>>> Yes. That gets us there. Thanks.
>>>
>>> I can only think that this is not something I should need to do.
>>>
>>> Cheers,
>>> Steve
>> Hi
>> Can anyone do any better than this mess?!
>>
>> function listgroup {
>> #lists members of a group
>> # $1 is the name of the group
>> # get the gid
>> strgid=$(wbinfo --group-info="$1")
>> gid=$(echo $strgid | cut -d ":" -f 3)
>> #get the group from the sid
>> strsid=$(wbinfo --gid-to-sid=$gid)
>> primarygid=$(echo $strsid | cut -d "-" -f 8)
>> #$db is your ldap://fqdn and $auth if the kerberos ccacche= stuff
>> ldbsearch --url=$db $auth
>> "(|(primaryGroupID=$primarygid)(memberOf=CN=$1,CN=Users,$basedn))" dn |
>> grep CN | cut -d ":" -f2 | cut -d "=" -f2 | cut -d "," -f1 | grep -v 
>> ldap
>> }
>>
>> Cheers,
>> Steve
>
> Hi Steve,
> the listmembers option is now part of samba-tool and members are 
> listed according to their samAccountName (or cn if samAccountName 
> attribute is not available):
> ./samba-tool group listmembers
> Usage: samba-tool group listmembers <groupname> [options]
>
> Regards
>
> L
Hi Lukasz
Works perfectly. I never thought to try it, even on my new build.
Thanks again,
Steve