[Samba] Group members via LDAP

Troels Arvin troels at arvin.dk
Wed Feb 8 18:36:31 UTC 2023


Hello,

Rowland Penny wrote:
> I don't use ldapsearch much (I use ldbsearch etc, easier to use with 
> kerberos),

Actually, I'm not going to retrieve the data from ldapsearch, but in a 
Rust or Python program, and I'm going to be searching from a different 
server than the Samba server. I suppose that means I cannot make use of 
ldbsearch, right?

Anyway, when searching with ldbsearch, it also leaves out a group 
member, if the member has the group as the primary group.



> but don't you have to use a searchbase ?
> 
> i.e, -b 'dc=mydom,dc=org'

The base DN is left out of the query, because I've defined it in 
/etc/openldap/ldap.conf

[...]
BASE DC=mydom,DC=org
[...]

-- 
Troels



More information about the samba mailing list