I have a domino server running ldap (6.5.4)
I weant to perform simple ldap searches to tell me if users are contained in groups which are nested.
eg,
ldapsearch -v -h LDAPSERVER “(&cn=_7_INTERNET_ACCESS)(member=cn=Jo Bloggs, ou=Finance, O=COMPANY))”
When I search a group which doesnt contain nested groups everything works ok, nested groups return no matches.
Can anyone advise what I’m missing, maybe directory assistance, but I thought this should only be used when multiple directories are being searched
Thanks
Martyn
Subject: Domino LDAP and searching nested groups
I have a domino server running ldap (6.5.4)
I weant to perform simple ldap searches to tell me if users are contained in groups which are nested.
eg,
ldapsearch -v -h LDAPSERVER “(&(cn=_7_INTERNET_ACCESS)(member=cn=Jo Bloggs, ou=Finance, O=COMPANY))”
When I search a group which doesnt contain nested groups everything works ok, nested groups return no matches.
The style of “simple” search you are issuing will only reveal direct members. To include nested groups, the LDAP application must write a bit of code.
Algorithms as well as Java and C LDAP code that addresses “is M a direct or nested member of group G” is described in
Collaborative Cuisine’s 1 Hour JNDI Cookbook
Building Directory Friendly Applications
Both references are included in a FAQ (google “Domino Directory FAQ”)