How do I make a LDAP search on OU on Microsoft Active Directory?

Question

I tried to return LDAP search that should return me all entries that do have OU=groups on an active directory by I do not get the expected results (usually I get nothing).

Filter: (ou:dn:=groups)

I know that searching on DN is not possible by normal means, still what is the correct way of getting this information in a filer, one that would work with Active Directory.

Reference:

How can I make a LDAP query that returns only groups having OU=Groups from all levels?
http://confluence.atlassian.com/display/DEV/How+to+write+LDAP+search+filters

JPBlanc JPBlanc · Accepted Answer · 2012-04-06T12:25:16

I don't think that you can do that in one search. You can first look for all organizational units of the name OU=groups, and then make a search for each OU.

It exists ExtensibleMatch that allow what you want to do, but it's not supported in Active-Directory.

Here is the reference form Microsft supported Search Filter Syntax

How do I make a LDAP search on OU on Microsoft Active Directory?

1 Answers