How do I query using ldapsearch what LDAP groups are members of other groups?

I'm working with an LDAP installation whose structure is not well documented. I think the tools that are normally used to add entries into it can create nested groups that a reused for assigning multiple permissions to users. By this, I mean:

User1 (o=users) -- is member of --> Group1 (o=groups) -- is member of --> Group2 (o=groups)

To confirm that this is indeed the way the system works, is there a way of querying using ldapsearch what groups are members of other groups?

Solution

Not easily. You will have to get the DNs of all the groups and their member attributes, whatever you're using for that, and then search for group DNs in the membership attributes.

powerShell Set-acl strange error : there is not enough space on the disk
What does systemFlags:1.2.840.113556.1.4.803:=2 mean in ldap?
PowerShell LDAPFilter multiple conditions
Use LDAP to authenticate users of a SQL Server database?
Ldap simple user search return LDAP: error code 53 - Unwilling to process the unindexed search operation
Authenticating with Active Directory using user log-on name instead of display name
Azure LDAP Authentication Connection Refused On Cloud Server or Other Desktops
How to create a ldap BIND_DN for samba active directory
Retrieving User Information from LDAP Active Directory Server with Node.js using ldapjs package
Setting up LDAP with jBPM (Kie Server) 7.74.1.Final in Docker
What is the proper way to make a search call in async mode in unboundId ldap sdk for java?
What are CN, OU, DC in an LDAP search?
PHP LDAP query to get members of specific security Group
Active Directory integration with Wordpress and LDAP
LDAP with dotnet core under Linux
LDAP Query via Windows CMD
implementation of mtls with php
LDAP auth in ASP.NET MVC authentication error: "Default credentials are not supported when the connection protection is set to None"
Getting Active Directory "SecurityDescriptor" attribute in .net core on linux machine
How do I clone an OpenLDAP database
Why does LDAP requires a two step "login" (connect and then bind)
How to check a username/password combination?
How do I modify a Boolean LDAP Active Directory attribute using Net::LDAP?
How do I unblock LDAP users in GitLab-CE
How can I make sure this is a secure LDAP connection and write AD's unicodePwd attribute?
Environment variables not defined in SSH AuthorizedKeysCommand (Docker)
How can I cause ldap_simple_bind_s to timeout?
Unknown Error (0x80005000) with LDAPS Connection
Ldap filter not working for filtering out OU