Determining the members of a static group
Steps
-
To determine all of the members for a static group, retrieve the group entry, including the membership attribute.
To retrieve attributes from member entries, search all users whose
isMemberOf
attribute contains the group DN, returning the attributes desired.To retrieve additional information about the members, such as attributes from member entries, issue a separate search for each member to retrieve the user entry and the desired attributes.
Example:
This table contains the search criteria to retrieve the list of all members for the group
cn=Test Group,ou=Groups,dc=example,dc=com
.Base DN
cn=Test Group,ou=Groups,dc=example,dc=com
Scope
base
Filter
(objectClass=*)
Requested attributes
member uniqueMember
Example:
$ bin/ldapsearch --baseDN "cn=Test Group,ou=Groups,dc=example,dc=com" \ --searchScope base "(objectclass=*)" uniqueMember
Result:
The returned entry includes the DNs of all users that are members of that group.