/build/static/layout/Breadcrumb_cap_w.png

LDAP label define the search scope

Hi, 

I'm using LDAP labels and wondering whether there's a way to define the search scope in the query so that i can nest an AD security group within a group and have members of the child successfully be enumerated as members of the parent.


Does this make sense?


Chris

Asked 5 years ago 398 views
0 Comments   [ + ] Show comments

Answers (1)

Posted by: flip1001 5 years ago
Black Belt
0

From page 16 of the KACE Appliance LDAP Reference Guide V1.4


If you have a group who’s
membership is other groups that contain users you can use a string to search through
the groups. Here is an example.
(&(samaccountname=KBOX_USER)(memberof:1.2.840.113556.1.4.1941:=CN=nestedgro
up,CN=Users,DC=whitman,DC=com))
It is the “:1.2.840.113556.1.4.1941:” after the memberof attribute that walks the
chain of ancestry in objects all the way to the root until it finds a match.

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ