LDAP Library: python-ldap
I am trying to query a security group with around 1,000 users to get the list of members. These are my search preferences I am using to query a security group.
Filter: (&(objectCategory=Group)(distinguishedName=cn=SomeGroup,dc=foo,dc=bar))
base dn: cn=SomeGroup,dc=foo,dc=bar
attributes: ['member']
I know that this query works with smaller groups because I have tested it and received the list of members it contains.
I have also tried implementing paged group searching, but it doesn't return anything in its payload and instead returns an empty error message. My paging size is 1 so getting too many users with paging shouldn't be a problem. I have tested my paged searching on organizationalUnits(OU) so I know it's implemented correctly.
Any help or suggestions would be greatly appreciated.
To get a list of members of a specific group, you should use a memberof
search filter:
Filter: (&(memberof=cn=SomeGroup,dc=foo,dc=bar))
Attributes: whatever you want to know about the members
Base DN: I recommend to set this to your directory root (dc=foo,dc=bar) to ensure you get the complete list of members
If you want to do it the opposite way ( reading the members' distinguished names from the group ) you should perform a read
operation with a dummy filter (objectclass=*)
and the base DN set to the distinguished name of the group, and requesting the member
attribute.