How to search for users of a group in ldapsearch?

Question

I want to list the users of an AD group using ldapsearch utility.

ldapsearch -x -D "cn=John Doe P789677,OU=Users,OU=Technology,OU=Head Office,OU=Accounts,OU=Production,DC=aur,DC=national,DC=com,DC=au" -w Teri3torz -H ldap://ldapaur.rux.atinel.com.nz -b OU=Groups,OU=Production,DC=rux,DC=atinel,DC=com,DC=nz "(&(objectClass=user)(memberOf=CN=ORG-Application-ContactCentre-ORG-PAC-Agent,OU=Applications,OU=ORG,OU=Groups,OU=Production,DC=rux,DC=atinel,DC=com,DC=nz))"

But I'm struggling to get this to work. I know there are users for group CN=ORG-Application-ContactCentre-ORG-PAC-Agent,OU=Applications,OU=ORG,OU=Groups,OU=Production,DC=rux,DC=atinel,DC=com,DC=nz

But I'm not sure of the query string, is I'm using it right after the -b argument.

Any ideas would be highly appreciated.

Answer 1

The base must be where the users are located based on the use of your filter "memberOf".

ldapsearch -x -D "cn=John Doe P789677,OU=Users,OU=Technology,OU=Head Office,OU=Accounts,OU=Production,DC=aur,DC=national,DC=com,DC=au" -W -H ldap://ldapaur.rux.atinel.com.nz -b OU=Accounts,OU=Production,DC=aur,DC=national,DC=com,DC=au "(&(objectClass=user)(memberOf=CN=ORG-Application-ContactCentre-ORG-PAC-Agent,OU==Applications,OU=ORG,OU=Groups,OU=Production,DC=rux,DC=atinel,DC=com,DC=nz))

-jim