I'm attempting to sync my application against AD's LDAP. what I'm trying to due is fully enumerate a list of users that belong to any group that has a particular value set as an extended attribute.
Example :
search DN: ou=groups,ou=@company,dc=corp,dc=trx,dc=com
filter: extensionattribute1=livelinkuser
This returns all the groups which is great but what I'm needing is to fully enumerate all the groups with the users inside I've tried the member and memberof with the memberof:1.2.840.113556.1.4.1941 but as yet have had no luck.
Can what I'm discribing be done ?
Bookmarks