ldap3 icon indicating copy to clipboard operation
ldap3 copied to clipboard
verified publisher icon cannatag

Get all members from a group included nested groups?

Open madsholme opened this issue 3 years ago • 4 comments

Are there a way to get all members of a group included members from nested groups?

I can get members of a group just fine but it also include groups, but are there a way to easely get all members including those from the nested groups?

Something like what the -recursive flag does for get-adgroupmember in powershell?

madsholme avatar Oct 29 '22 17:10 madsholme

No, I’m sorry. This is something specific to AD. You have to recurse the response by yourself in your code.Bye,GiovanniIl giorno 29 ott 2022, alle ore 19:32, madsholme @.***> ha scritto: Are there a way to get all members of a group included members from nested groups? I can get members of a group just fine but it also include groups, but are there a way to easely get all members including those from the nested groups? Something like what the -recursive flag does for get-adgroupmember in powershell?

—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you are subscribed to this thread.Message ID: @.***>

cannatag avatar Oct 29 '22 17:10 cannatag

Fair enought, thanks for the fast answer

madsholme avatar Oct 29 '22 17:10 madsholme

@madsholme Did you try using LDAP_MATCHING_RULE_IN_CHAIN? Like:

ldap_base = "DC=example,DC=com"
ldap_filter = f"(&(objectclass=user)(objectcategory=person)(memberof:1.2.840.113556.1.4.1941:=CN=Domain admins,CN=Users,{ldap_base}))"
conn.search(search_base=ldap_base, search_filter=ldap_filter, search_scope="SUBTREE")

markkrj avatar Nov 10 '22 16:11 markkrj

@markkrj Hey thanks for this, this seems to be what i was missing!

madsholme avatar Nov 17 '22 12:11 madsholme