Re: ADUC Queries - Members of Security Group

Thank you for taking the time to provide alternatives as I now have a clearer
understanding of how this technology works. I had tried several different
formats and it appears all of the wrong ones.

One final question, is it possible to include somethig like a select
statement to further define the query? I have several OUs of users and I was
hoping to not have to do a lot of cross referencing.

Where PA was at the top of the directory structure the users OU the users OU
flows from it as well.

PA=OU
LD=OU
USERS=OU

I appologize for sounding needy. I just have too much on my plate at the
moment with other projects comming due. Thanks again for the help.

"Richard Mueller [MVP]" wrote:

Can someone point out where I am going wrong please. This should be
simple.

I need to list the users who are a member of a security group.

If the conical name of the group is "a.b.c.d.com/PA/GROUPS/SEC GRP" it is
my
understanding that a custom search as such
"(objectCategory=person)(objectClass=user)(member Of=cn=SEC
GRP,ou=GROUPS,ou=PA,dc=a,dc=b,dc=c,,dc=c,dc=com)" should return a list of
users but it doesn't. The conical name came from looking at the
properties of
the SEC GRP.

When looking at ADUC expanded it looks like this:

a.b.c.d.com
PA=OU
GROUPS=OU
SEC GRP=Security Group

I tried exporting it and importing it but nothing works; I just get an
empty
list. I have permissions to modify within PA. Any insight?

To retrieve user members I would suggest:

(&(objectCategory=person)(objectClass=user)(memberOf=cn=Sec
Grp,ou=Groups,ou=PA,dc=a,dc=b,dc=c,dc=d))

However, to retrieve members of any class (users, contacts, groups,
computers) you can use:

(memberOf=cn=Sec Grp,ou=Groups,ou=PA,dc=a,dc=b,dc=c,dc=d)

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--



.

Relevant Pages

  • Re: ADUC Queries - Members of Security Group
    ... understanding that a custom search as such ... To retrieve user members I would suggest: ... However, to retrieve members of any class (users, contacts, groups, ...
    (microsoft.public.windows.server.active_directory)
  • Re: Question about data persistence in Public variables
    ... Session and/or Cache is used to ... That is my understanding but it is not what I am seeing. ... > is that these members have the same lifetime as Shared members. ... > Shared variable has only a single lifetime, ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Yet another OO question...
    ... one of the main problems I've got understanding OO (and teaching ... That is, the only values that should be used in any method are the instance members of the class you're operating in, and the parameters to the method. ... Try to keep all of the members of a class focused on a single purpose. ...
    (comp.lang.java.programmer)
  • RE: Much more complicated that you think.
    ... >not understanding my question. ... >classes, plus their members, constants, enumerators etc. ... >that when I then activate a menu, Accelerator key, or toolbar item, I can ...
    (microsoft.public.vc.mfc.docview)
  • RE: SID Values
    ... 321538 All members of a group may not be returned when you enumerate ... Whoami is a command line tool. ... Thank you for your understanding. ... we do not offer script support in the newsgroup. ...
    (microsoft.public.windows.server.migration)