Re: ldap search and group membership

[Ace Suares <ace@suares.nl>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> Hi Sarkar, Sudipta,
>
>                             You can use "Boolean operators" for this type
> of search. For example, group "myGroup" and last name of the user (john)
> "Smith". Now, To find out all users whose last name is Smith and are
> members of  "myGroup",

Durai, it seems that what you call a 'Group' is actually a 'branch'.

In your example, it would be sufficient to search for (sn=Smith) with base 
ou=myGroup,dc=visolve,dc=com, i.e.

$ ldapsearch -h 127.0.0.1 -x -b "ou=myGroup,dc=visolve,dc=com" "(sn=Smith)"


You will find a little more info on how to deal with groups in the faq:
http://www.openldap.org/faq/index.cgi?file=52, however, this entry doesn't 
give an answer to the original question.

As far as I know, you can't use a searchfilter that does this... you would 
first need to retrieve all DN's that are members of a group, because members 
of a group must be DN's, and then for each DN lookup the surname.

But maybe some else has a better answer!

_ace

website: http://www.suares.nl * http://www.qwikzite.nl
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)

iD8DBQFAIcGYy7boE8xtIjURAkEaAKCWarMBsFBOTSSa0GPPPtzBZ4kuhACfaqwE
tjAKVAj2wg2ik2/TpNrzugY=
=MwUP
-----END PGP SIGNATURE-----