Question
Currently in my deployment, I only want to extract user-group information as part of search query. As of now I am doing top level search, this results in downloading complete LDAP user-profile information from LDAP server. This is kind of an overhead. So is it possible to include a search filter in the search query that can give me the direct user-group membership alone and not the complete user-profile?
Solution
The "member" attributes on groups will provide the DN of all members of the group.
If you are looking at the user vs the group, there is no standard for seeing groups relations for the user. (AD and eDirectory) support this to some degree.
Nested groups in you LDAP can cause more work to find user-group relations.
https://stackoverflow.com/questions/14769790
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian