Can't find members of group using its cn in LDAP
I am totally new to LDAP, and have just started. I have seen a couple of examples, which to my understanding have used the query as I have done, but in my case it seems to be not working.
I have a hierarchy like this (I am using Apache Directory Studio):
If I double click on the object with ou=scientists then its info will pop up as followed:
So this group with ou=scientists has a cn=Scientists (I have checked and there are no following spaces after Scientists.
I want to simply find stuff inside the group with ou=scientists.
There is 1 way to do it like this:
ou=scientists,dc=example,dc=com which gives the expected result.
But I want to be able to find the content inside the group with ou=scientists not by its ou value, but by its cn value. So I thought to myself, ok I can use this: cn=Scientists,dc=example,dc=com
But this yields 0 results. I think I am missing a key point here. What should I actually do?
There are multiple things to consider when you query a LDAP directory.
In your case you want to lookup from a branch (call search base dn in LDAP) and apply a filter in all the childrens of this branch to select those you want :
ldapsearch ... -b <search base dn> -s sub "<FILTER>"
So for your DIT :
ldapsearch ... -b dc=example,dc=com -s sub "(&(objectClass=groupOfUniqueNames)(cn=scientists))"
Consider learning how the search request works in LDAP if you want to work more deeply with ldap : https://ldapwiki.com/wiki/SearchRequest
- How to connect to Active Directory via LDAPS in C#?
- ArgoCD LDAP : RBAC using LDAP is not working (Not assigning the policies)
- How to make an existing structural objectClass auxiliary?
- How do I restrict Apache/SVN access to specific users (LDAP/file-based authentication)?
- LDAP- adding new attribute schema using ldapmodify
- Cannot retrive objectName from searchEntry when I update ldapjs to v3
- Why am I getting 'System.__ComObject' from my LDAP property?
- C# Cannot connect to AD using LDAPS
- ldap_mod_replace returns true but password does not change
- Jenkins administratively disabled user in LDAP causing false negatives
- Is context need to be closed explicity in LDAP connection pooling
- Authentication fails after enabling RequireGroup in openvpn-auth-ldap.so
- Python 3.5, ldap3 and modify_password()
- Reset Active Directory password using Python and ldap3
- memberof and refint does not work in openLdap
- Retrieving User Information from LDAP Active Directory Server with Node.js using ldapjs package
- How do a LDAP search/authenticate against this LDAP in Java
- Enumerate all users including SIDs
- Web-based LDAP Browser
- kinit: Preauthentication failed while getting initial credentials
- C# OpenLDAP Error: unicodePwd: attribute type undefined
- Why do POST requests not work using Spnego/Kerberos authentication with Spring Security Kerberos?
- python-ldap creating a group returns "already exists" (in an empty OU and non existent sAMAccountName)
- NiFi 1.25 error when trying to connect to LDAP service: ClassCastException: LdapProvider
- Move Object to an OU in Active Directory
- What does samAccountType in groups of Active Directory mean?
- php - ldap_search(): search: operations error
- Combining LDAP Queries is not giving proper results
- Getting groups from LDAP to django
- How we can directly use kerberos ldap service ticket to authenticate with ldap and form the LDAP context