This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

!!! Overview
These are [Examples] of [LDAP SearchFilters] for [Active Directory Groups]: [LDAP Query Examples] that can be used to find information specific to [Active Directory Groups].
See also more [LDAP Query Examples] and more [AD Specific LDAP Query Examples|LDAP Query Examples for AD].
[{TableOfContents}]
!! All groups
{{{
(objectClass=group)
}}}
!! [Security Groups]
! Direct [members] of a [Security Group|Security Groups]
{{{
(memberOf=CN=Admin,OU=Security,DC=DOM,DC=NT)
}}}
! All [members] (including nested) of a [Security Group|Security Groups] (requires at least Windows 2003 SP2)
{{{
(memberOf:1.2.840.113556.1.4.1941:=CN=GroupOne,OU=Security Groups,OU=Groups,DC=YOURDOMAIN,DC=NET)
}}}
Or to retrieve only [users] that are [members]:
{{{
(&(objectClass=user)(memberof:1.2.840.113556.1.4.1941:=CN=GroupOne,OU=Security Groups,OU=Groups,DC=YOURDOMAIN,DC=NET))
}}}
For information on why this [Extensible Match] rule works see [1.2.840.113556.1.4.1941] or [LDAP_MATCHING_RULE_IN_CHAIN]
! All [Security Groups] (local, global and universal)
{{{
(groupType:1.2.840.113556.1.4.803:=2147483648)
}}}
For information on why this works see [How To] use [Filtering for Bit Fields] and [1.2.840.113556.1.4.803] or [LDAP_MATCHING_RULE_BIT_AND]
!! All empty groups:
{{{
(&(objectClass=group)(!(member=*)))
}}}
! All [Security Groups] with a [GroupType] of [Global Group]
{{{
(&(objectCategory=group)(groupType:1.2.840.113556.1.4.803:=2147483650))
}}}
! All [Security Groups] with [GroupType] of [Domain Local Group]
{{{
(&(objectCategory=group)(groupType:1.2.840.113556.1.4.803:=2147483652))
}}}
! All [Security Groups] with a [GroupType] of [Universal Group]
{{{
(&(objectCategory=group)(groupType:1.2.840.113556.1.4.803:=2147483656))
}}}
!! [Distribution Groups]
! All [Distribution Groups]
{{{
(&(objectCategory=group)(!(groupType:1.2.840.113556.1.4.803:=2147483648)))
}}}
! All [Distribution Groups] with [GroupType] of [Global Group]
{{{
(&(objectCategory=group)(groupType:1.2.840.113556.1.4.803:=2)(!(groupType:1.2.840.113556.1.4.803:=2147483648)))
}}}
! All [Distribution Groups] with [GroupType] of [Domain Local Group]:
{{{
(&(objectCategory=group)(groupType:1.2.840.113556.1.4.803:=4)(!(groupType:1.2.840.113556.1.4.803:=2147483648)))
}}}
! All [Distribution Groups] with [GroupType] of [Universal Group]
{{{
(&(objectCategory=group)(groupType:1.2.840.113556.1.4.803:=8)(!(groupType:1.2.840.113556.1.4.803:=2147483648)))
}}}
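The groupType filters above all rely on the bit-AND matching rule. The following added example (not part of the original page) emulates that rule in Python and decodes groupType values in the signed 32-bit form in which Active Directory returns them. Function names, sample DNs and sample values are constructed for the illustration.

```python
# Added example: emulates LDAP_MATCHING_RULE_BIT_AND (1.2.840.113556.1.4.803)
# on groupType values. All names and sample data here are constructed.
BIT_AND_OID = "1.2.840.113556.1.4.803"
SECURITY = 0x80000000  # 2147483648, the security-enabled bit
SCOPES = {0x2: "Global", 0x4: "Domain Local", 0x8: "Universal"}

def to_unsigned(value):
    """AD returns groupType as a signed 32-bit integer; normalise to unsigned."""
    return int(value) & 0xFFFFFFFF

def bit_and_match(attr_value, filter_value):
    """True when every bit set in filter_value is also set in attr_value."""
    mask = to_unsigned(filter_value)
    return (to_unsigned(attr_value) & mask) == mask

def describe(group_type):
    """Decode a groupType value into scope and security/distribution kind."""
    v = to_unsigned(group_type)
    kind = "Security" if v & SECURITY else "Distribution"
    scope = next((name for bit, name in SCOPES.items() if v & bit), "Unknown")
    return f"{scope} {kind}"

def group_filter(scope_bit, security):
    """Build the page's filter for one scope, security or distribution."""
    if security:
        return f"(&(objectCategory=group)(groupType:{BIT_AND_OID}:={SECURITY | scope_bit}))"
    return (f"(&(objectCategory=group)(groupType:{BIT_AND_OID}:={scope_bit})"
            f"(!(groupType:{BIT_AND_OID}:={SECURITY})))")

def matches(group_type, scope_bit, security):
    """Apply the same logic as group_filter() to a single groupType value."""
    if security:
        return bit_and_match(group_type, SECURITY | scope_bit)
    return bit_and_match(group_type, scope_bit) and not bit_and_match(group_type, SECURITY)

# Constructed sample: groupType values as a directory search would return them.
# -2147483643 (0x80000005) also carries the system-created bit 0x1.
SAMPLE = {"CN=Admin": -2147483646, "CN=Printers": -2147483644,
          "CN=AllStaff": -2147483640, "CN=Newsletter": 2, "CN=Builtin": -2147483643}

if __name__ == "__main__":
    print(group_filter(0x4, security=True))
    for dn, gt in SAMPLE.items():
        print(dn, gt, describe(gt), matches(gt, 0x4, security=True))
```

Because the rule tests bits rather than equality, the Domain Local security filter also matches the constructed value -2147483643, which an equality test against -2147483644 would miss.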
!! All groups which were changed since Dec 31 2008:
{{{
(&(objectClass=group)(whenChanged>=20081231000000.0Z))
}}}
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
The handy search I found is:
{{(member:1.2.840.113556.1.4.1941:=CN=John Smith,DC=MyDomain,DC=NET)}}
Where ''CN=John Smith,DC=MyDomain,DC=NET'' is the user's [FDN|LDAP and Active Directory] and 1.2.840.113556.1.4.1941 is the special OID Rule ID ''LDAP_MATCHING_RULE_IN_CHAIN'' as you used above (and is documented [here|http://msdn.microsoft.com/en-us/library/aa746475%28VS.85%29.aspx]).
--[scott|http://scott.willeke.com], 02-Apr-2012 21:48