The group whose SID that I am trying to take is the default "Domain Users" group. The ldapsearch query too fails for that but for any other custom groups, the membership information is printed. So is there a different style that we should follow for getting the "Domain Users" group members ?
2014-04-10 16:20 GMT+05:30 Sankar P <[email protected]>: >> ldapsearch -H ldap://your_dc.example.com \ >> -b '<sid=S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXX>' \ >> -s base \ >> '(objectClass=*)' member >> > > oh okay. Thanks for your explanation. > > I changed my code to: > > struct timeval timeout = {10,0}; > char *attr_list[] = {"member", NULL}; > LDAPMessage *searchresult = NULL; > > gch = get_gch_from_queue(); > sts = ldap_search_ext_s(gch->ld, "<sid=S-...>", LDAP_SCOPE_BASE, > "(objectClass=*)", attr_list, 0, NULL, NULL, &timeout, LDAP_NO_LIMIT, > &searchresult); > > and this returns a status of LDAP_UNWILLING_TO_PERFORM > > What am I doing wrong ? > > -- > Sankar P > http://psankar.blogspot.com -- Sankar P http://psankar.blogspot.com
