Link to home
Start Free TrialLog in
Avatar of dosuser
dosuser

asked on

LDAP Querie to list names of user's in Group

Hi

I'm new to LDAP in active Directory and need simple query to list users in a group.
Tryed to build querie in the (Saved Queries) in Management Coonsole 3.0 and it will not display. Could someone build me a simple querie that all I have to do is just change the name of the group.

Thanks..
Avatar of cantoris
cantoris
Flag of United Kingdom of Great Britain and Northern Ireland image

How about this:
(&(objectCategory=user)(memberOf=CN=YourGroupName,OU=YourOU,DC=YourDomain,DC=com))

Open in new window

Avatar of dosuser
dosuser

ASKER

Thanks, I Tryed but didn't work. Would it be Group first then Members? (No one listed in memberof) when I run with AD and look in the group. Not sure what (OU=??) is used for. Thanks..
It works for me as an LDAP Query.
You need to add the Distinguished Name of the group you want to query after "memberOf=".

For example, the following works on my test machine:
"(&(objectCategory=user)(memberOf=CN=Domain Admins,CN=Users,DC=contoso,DC=local))"

If you don't understand what a Distinguished Name is, look here:
http://www.selfadsi.org/ldap-path.htm

Note that in Active Directory Users and Computers, with "Advanced Features" enabled on the View menu, then you can use the "Attribute Editor" tab on the properties sheet of your Group to view the Distinguished Name.
Reading your question again, can't you just view the Group's MemberOf tab to get the info you need rather than write a query??

If I create an Advanced Custom Search type Query in AD, then I can paste in the LDAP Query I gave you above (minus the inverted commas) and it works fine.
ASKER CERTIFIED SOLUTION
Avatar of dosuser
dosuser

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of dosuser

ASKER

Found My own Solution, Thanks for the pointers
Avatar of Spike99
For, me I couldn't get this to work until I put the full distinguished name of the group. Thanks for the help, cantoris:

(&(objectCategory=user)(memberOf=CN=GROUP_NAME,OU=MyOU1,OU=MyOU2,OU=MyOU3,DC=DomainName,DC=com))

Open in new window