04/03/2019 222 views


I'm using LDAP labels and wondering whether there's a way to define the search scope in the query so that i can nest an AD security group within a group and have members of the child successfully be enumerated as members of the parent.

Does this make sense?


0 Comments   [ + ] Show comments


All Answers


From page 16 of the KACE Appliance LDAP Reference Guide V1.4

If you have a group who’s
membership is other groups that contain users you can use a string to search through
the groups. Here is an example.
It is the “:1.2.840.113556.1.4.1941:” after the memberof attribute that walks the
chain of ancestry in objects all the way to the root until it finds a match.

Answered 04/03/2019 by: flip1001
Fifth Degree Brown Belt