Question : Help with LDAP query

Hi

I have an application that needs to check the members of a certain group in AD.

We have multiple domains in our forest. Forest root is kam.com, and we have eu.kam.com, usa.kam.com and japan.kam.com.

Within each Domain, there are AD sites for each country, and then a Users, Computers or Groups OU.

I have just created a new OU named FinanceApp as well, under the root.

Currently, there is a security group in:

eu.kam.com > Germany > Groups

Named SG-Sec1.

I would like to move it to:

eu.kam.com > FinanceApp > Groups

The application is currently set to look for Sec1 in:

CN=SG-Sec1, ou=Groups, ou=Germany, dc=eu, dc=kam, dc=com

I guess when I move the group, I need to change to:

CN=SG-Sec1, ou=Groups, ou=FinanceApp, dc=eu, dc=kam, dc=com

But this means every time I move the group in AD, the application needs to be reconfigured. Is there a way I can add a 'wildcard' into an LDAP query and just say search under eu.kam.com, or is this not good for performance reasons?

Answer : Help with LDAP query

Unfortunately an LDAP query that is querying 'memberof' has to use the full DN of the group.

The DN format will not accept wildcards of any kind, such as CN=SG-Sec1* - this is not valid.

In a simple LDAP filter passed to an app I'm afraid I don't think what you're asking is possible. If you had the ability to add logic via script then you could find the DN of the group and build the filter, but it sounds like this is not the case.

Tony
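
The script approach mentioned in the answer (find the group's DN, then build the filter), as an added example that is not part of the original answer. The `search` callable, the in-memory directory and the normalised DN strings are constructed assumptions; values are escaped per RFC 4515 before they enter a filter.

```python
# Added example: the group is located by name, so moving it between OUs needs no reconfiguration.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    """Escape a value for use inside an LDAP filter (RFC 4515)."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def group_lookup_filter(sam_account_name):
    """Filter that finds the group by name anywhere under the search base."""
    return "(&(objectCategory=group)(sAMAccountName=%s))" % escape_filter_value(sam_account_name)

def member_filter(group_dn):
    """Filter for users whose memberOf holds the full DN of the group."""
    return "(&(objectCategory=person)(objectClass=user)(memberOf=%s))" % escape_filter_value(group_dn)

def resolve_member_filter(search, base_dn, sam_account_name):
    """Look up the group's current DN, then build the memberOf filter from it.

    `search` is a hypothetical callable (base_dn, ldap_filter) -> list of DNs,
    standing in for a subtree search made with whatever LDAP client is in use.
    """
    dns = search(base_dn, group_lookup_filter(sam_account_name))
    if len(dns) != 1:
        # Refuse to guess: zero or several matches must not yield an access filter.
        raise LookupError("expected exactly one group named %r under %s, found %d"
                          % (sam_account_name, base_dn, len(dns)))
    return member_filter(dns[0])

def make_fake_search(groups):
    """Constructed in-memory stand-in for a directory: {sAMAccountName: DN}."""
    def search(base_dn, ldap_filter):
        return [dn for name, dn in groups.items()
                if ldap_filter == group_lookup_filter(name)
                and dn.lower().endswith(base_dn.lower())]
    return search

BASE = "DC=eu,DC=kam,DC=com"
BEFORE_MOVE = {"SG-Sec1": "CN=SG-Sec1,OU=Groups,OU=Germany," + BASE}
AFTER_MOVE = {"SG-Sec1": "CN=SG-Sec1,OU=Groups,OU=FinanceApp," + BASE}

if __name__ == "__main__":
    for directory in (BEFORE_MOVE, AFTER_MOVE):
        print(resolve_member_filter(make_fake_search(directory), BASE, "SG-Sec1"))
```

A `memberOf` filter matches direct members only; nested membership in Active Directory needs the matching-rule-in-chain form of the filter (OID 1.2.840.113556.1.4.1941).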