嵌套组所有者 - LDAP 查询
[英]Nested Group Owner - LDAP Query
问题描述
let's assume I have the user
让我们假设我有用户
CN=testuser1,OU=Users,DC=corp,DC=com
and I want to receive all groups where the user is registered as the owner.我想接收用户注册为所有者的所有组。 I am currently using the following filter:我目前使用以下过滤器:
(|(ManagedBy=CN=testuser1,OU=Users,DC=corp,DC=com)(msExchCoManagedByLink=CN=testuser1,OU=Users,DC=corp,DC=com))
However, it can happen that security groups are also entered as owners.但是,安全组也可能作为所有者输入。 How can I adjust the filter so that I can still find the right groups, even if the user is indirectly entered as the owner via a security group?如何调整过滤器,以便我仍然可以找到正确的组,即使用户是通过安全组间接输入为所有者的? Can this possibly be done with the matching rule OID 1.2.840.113556.1.4.1941 (LDAP_MATCHING_RULE_IN_CHAIN) ?这可以通过匹配规则 OID 1.2.840.113556.1.4.1941 (LDAP_MATCHING_RULE_IN_CHAIN) 来完成吗?
thanks in advance!提前致谢!
1 个解决方案
解决方案1
0 2020-02-14 11:54:22
As ManagedBy is a dn Syntax and has a LinkID of 72, an even value implying that it is a forward link , then you should be able to use something similar to: (or in combination with others)由于ManagedBy是一个 dn 语法并且具有 72 的 LinkID,一个偶数值暗示它是一个前向链接,那么您应该能够使用类似于:(或与其他人组合)
(ManagedBy:1.2.840.113556.1.4.1941:=N=testuser1,OU=Users,DC=corp,DC=com)
I have not tried this filter and there are limitations as to the depth of links that will be traversed in larger implementations.我还没有尝试过这个过滤器,并且在更大的实现中将遍历的链接深度有限制。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.