我如何筛选包含特定的用户群体LDAP查询? [英] How do I filter an LDAP query for groups containing a specific user?
问题描述
如何过滤的Active Directory LDAP查询包含认证/绑定的用户(或任何用户在所有)组?这工作得很好:
How do I filter an Active Directory LDAP query to groups containing the authenticated/bound user (or any user at all)? This works fine:
(&(objectClass=group)(member=*))
>>> lots of results
但我不能去任何更多详细信息:
But I can't go any more detail:
(&(objectClass=group)(member=*S*))
>>> nothing
在MSDN提到使用的过滤器是这样的:
The MSDN mentions using a filter like this:
(member:1.2.840.113556.1.4.1941:=(cn=user1,cn=users,DC=x))
不过,即使忽略的疯狂超神奇数字的参与,我总是得到0的结果,当我尝试与(甚至替换 CN =用户1,CN =用户过滤,DC = X
用我自己的distinguishedName,甚至取代它 *
)。
But even ignoring the crazy hyper magic number involved in that, I always get 0 results when I try to filter with that (even replacing cn=user1,cn=users,DC=x
with my own distinguishedName, even replacing it with *
).
推荐答案
您需要的用户的完整DN即
You need the full DN of the user i.e
(&(member=CN=Your Name,OU=Your OU,DC=company,DC=com)(objectClass=group))
注意不能使用*在这一个
take note you cannot use * in this one
这篇关于我如何筛选包含特定的用户群体LDAP查询?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!