Answer the question
In order to leave comments, you need to log in
A
A
Arseniy Latypov2020-10-08 13:45:34
Arseniy Latypov, 2020-10-08 13:45:34
How to correctly compose an ldap query on active directory to find users in a subgroup?
Hello everyone and good mood,
please help me figure out why ldap queries do not work for me. The purpose is that, I need to pull out all users from one subgroup. A simple example - I am a member of the "Domain Admin" group (Users container) 
, the same is in the "Administrators" group (Builin container) 
and I need to make a query that will show all users who are members of the "Administrators" group and its subgroups
Tried to make such requests:
(&(&(&(objectClass=user)(memberof:1.2.840.113556.1.4.1941:=CN=*,CN=*,DC=mydomen,DC=local))))(&(&(memberOf=Администратор)))and a bunch of other queries using the Active Directory Users and Computers snap-in, but it still didn't work.
Any help would be appreciated, thanks in advance!
3 answer(s)
@dronmaxman
A
Andrey Barbolin, 2020-10-08 @dronmaxman
Try this
ldapsearch -S -P -H ldap://domain.com -b 'dc=domain,dc=com' -D 'domain\DOMAIN_USER' -w 'DOMAIN_USER_PASS' '(&(memberof=CN=Администраторы,OU=Users,DC=domain,DC=com)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))' samaccountname
Similar questions
A
D
A
Q
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question