hi,
following the FAQ (
http://search.cpan.org/~marschap/perl-ldap-0.65/lib/Net/LDAP/FAQ.pod#How_do_I_search_for_all_members_of_a_large_group_in_AD
?)
I successfully retrieve all members of a large group, nice.
The example searchs only using scope 'base' and as base the group
distinguishedname.
If I change that to
base = "dc=domain,dc=tld",
scope = "sub",
it finds just one group:
my $mesg;
my @members;
my $samaccount;
my $index = 0;
while ( $index ne '*' ) {
$mesg = $ldapprod->search(
base => $prod_base,
filter => "(objectclass=group)",
scope => 'sub',
attrs => [ ( $index > 0 ) ? "member;range=$index-*" : 'member',
'samaccountname', ]
);
if ( $mesg->code == LDAP_SUCCESS ) {
my $entry = $mesg->entry(0);
my $attr;
# large group:
if ( ($attr) = grep( /^member;range=/, $entry->attributes ) ) {
push( @members, $entry->get_value($attr) );
$samaccount = $entry->get_value('samaccountname');
if ( $attr =~ /^member;range=\d+-(.*)$/ ) {
$index = $1;
$index++ if ( $index ne '*' );
}
}
# small group:
else {
@members = $entry->get_value('member');
$samaccount = $entry->get_value('samaccountname');
last;
}
}
# failure
else {
last;
}
}
if ( $mesg->code == LDAP_SUCCESS ) {
for (@members) {
print "$_\n";
}
print "Group: $samaccount\n";
}
I'm obviously doing something wrong. Do I need to get the groups
distinguishedname and then use the scope 'base' to look at membership of
all groups?
Thanks for your advice.
--
--
Groeten,
natxo
