PingDirectory

Determining the members of a static group

Steps

  • To determine all of the members for a static group, retrieve the group entry, including the membership attribute.

    To retrieve attributes from member entries, search all users whose isMemberOf attribute contains the group DN, returning the attributes desired.

    To retrieve additional information about the members, such as attributes from member entries, issue a separate search for each member to retrieve the user entry and the desired attributes.

    Example:

    This table contains the search criteria to retrieve the list of all members for the group cn=Test Group,ou=Groups,dc=example,dc=com.

    Base DN

    cn=Test Group,ou=Groups,dc=example,dc=com

    Scope

    base

    Filter

    (objectClass=*)

    Requested attributes

    member uniqueMember

    Example:

    $ bin/ldapsearch --baseDN "cn=Test Group,ou=Groups,dc=example,dc=com" \
      --searchScope base "(objectclass=*)" uniqueMember

    Result:

    The returned entry includes the DNs of all users that are members of that group.