
ldapsearch get a list of users (samAccountName) in a specific AD group

So what I am trying to do is get myself a list of the AD users who belong to a specific group using ldapsearch. I attempted using "memberOf=GROUP_NAME", but it is still not filtering based on that and I always get all users in the AD. Here is my code:

ldapsearch -xLLL -h domain.org -D "domain\\user" -W -b "DC=domain,DC=org" -s sub -x "(objectclass=user)" memberOf=cn=GROUP_NAME sAMAccountName | grep sAM | awk '{print $2}'

Any ideas what I am doing wrong here? Why isn't the memberOf attribute filtering the users?

You need to fix the filter syntax and remove the 2nd -x. Also, memberOf expects the group DN (not just the group name):

ldapsearch -xLLL -h domain.org -D "domain\\user" -W -b "DC=domain,DC=org" -s sub "(&(objectclass=user)(memberOf=<GROUP_DN>))" sAMAccountName
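An added example, not part of the original answer: a small shell wrapper that builds the `(&(objectclass=user)(memberOf=...))` filter with the group DN escaped per RFC 4515, and extracts `sAMAccountName` from the LDIF output while handling folded lines and base64 (`::`) values, which the question's `grep sAM | awk '{print $2}'` pipeline does not. The function names and the sample LDIF are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: helper names and the sample LDIF below are constructed.

# Escape a value for an LDAP search filter (RFC 4515). Backslash goes first,
# then * ( ), so a group DN containing them cannot change the filter's shape.
ldap_escape() {
  printf '%s' "$1" |
    sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# Build the AND filter from the answer for one group DN.
member_filter() {
  printf '(&(objectclass=user)(memberOf=%s))' "$(ldap_escape "$1")"
}

# Read LDIF on stdin, print one sAMAccountName per line.
# Unfolds continuation lines (leading single space) and decodes base64
# values ("attr:: ..."), which grep sAM | awk '{print $2}' would mangle.
sam_from_ldif() {
  awk '/^ / { buf = buf substr($0, 2); next }
       { if (NR > 1) print buf; buf = $0 }
       END { if (NR > 0) print buf }' |
  while IFS= read -r line; do
    case "$line" in
      "sAMAccountName:: "*) printf '%s' "${line#*:: }" | base64 -d; echo ;;
      "sAMAccountName: "*)  printf '%s\n' "${line#*: }" ;;
    esac
  done
}

# Constructed sample of what ldapsearch -LLL returns: a folded dn line and
# one base64-encoded value (non-ASCII account name).
sample_ldif() {
  cat <<'EOF'
dn: CN=Alice Example,OU=Engineering,OU=Departments,OU=Accounts,OU=Corp,DC=do
 main,DC=org
sAMAccountName: alice

dn: CN=Zoe Example,OU=Users,DC=domain,DC=org
sAMAccountName:: em/Dqw==
EOF
}

# Real use (group DN is a placeholder):
#   ldapsearch -xLLL -h domain.org -D "domain\\user" -W -b "DC=domain,DC=org" \
#     -s sub "$(member_filter "<GROUP_DN>")" sAMAccountName | sam_from_ldif
sample_ldif | sam_from_ldif
```

With OpenLDAP's ldapsearch, `-o ldif-wrap=no` turns off line folding at the source; base64-encoded values still need decoding.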
