I have ran into problem using memberOf filter in my ldapsearch query. The customer is using `OpenLDAP.
I have a group of users with 3 members
When I query for users using ldapsearch:
ldapsearch -h hostname -p 393 -x -z 3 -b "o=XY,dc=group,dc=com,dc=xyz,dc=cz" "(&(objectClass=person))" 1.1
I get results containing also user XYZ.
# extended LDIF
#
# LDAPv3
# base <o=XYZ,dc=group,dc=com,dc=xyz,dc=cz> with scope subtree
# filter: (&(objectClass=person))
# requesting: 1.1
#
# XYZ, People, XY, xyz.com
dn: cn=XYZ,ou=People,o=XY,dc=group,dc=com,dc=xyz,dc=cz
...
# search result
search: 2
result: 4 Size limit exceeded
# numResponses: 4
# numEntries: 3
But when I use the filter:
ldapsearch -h hostname -p 393 -x -z 3 -b "o=XY,dc=group,dc=com,dc=xyz,dc=cz" "(&(objectClass=person)(memberOf=cn=X,ou=BusinessRoles,ou=AccessControl,o=XYZ,dc=group,dc=com,dc=xyz,dc=cz))"
I get no results.
Did I make any mistake in the query? Is the memberOf syntax OK?
1.1from the end of your first search query withmemberOf. If you still do not get amemberOfvalue, then you are likely using a built-in group. - Bertold KolicsmemberOfvalue in results, even if I replace the1.1withmemberOfin search query. - shimon001