问题
i am using openldap with phpldapadmin, and i'm trying to check what are the groups of a certain user. this is my scheme ...
this is what i tried, but it didn't work
docker-compose exec openldap ldapsearch -x -H "ldap://openldap" -D "cn=admin,dc=openldap" -w admin -b "cn=root,ou=django,dc=openldap" '(&(objectClass=*)(member=cn=superuser,ou=groups,dc=openldap))'
PS: i'm new to ldap, this is the image i'm using
回答1:
There are tons of literature on LDAP and queries, that explain how to search for groups, with examples.
First the baseDN (-b) should be the top of your hierarchy: dc=openldap.
Second, you're searching from groups, so the filter should include (objectclass=groupOfNames)
Finally, you're searching for the groups a user is member of, and the filter should be (member=cn=root,ou=django,dc=openldap)
The resulting query is then:
ldapsearch -x -H "ldap://openldap" -D "cn=admin,dc=openldap" -w admin -b "dc=openldap" '(&(objectClass=groupOfNames)(member=cn=root,ou=django,dc=openldap))'
This will return the group entries. If you are only interested in the name, add dn at the end of the query.
来源:https://stackoverflow.com/questions/51341936/how-to-get-groups-of-a-user-in-ldap