Retrieve sAMAccountName of users in LDAP group

2
votes

I need to retrieve user_ids (sAMAccountName) of a list of users under a LDAP group. I am using Spring security org.springframework.ldap.core.LdapTemplate with org.springframework.ldap.core.AttributesMapper implementation.

My search is:

template.search(base, filter, new AttributesMapperImpl());

My search (member of attribute) returns the name of the users (CN=Lname\, Fname M,OU=xxx,OU=xxx,OU=Users,OU=xx,DC=xx,DC=xxxxx,DC=xx). In order to get the sAMAccountName I have to turn around do another LDAP lookup.

Is there a way I could get sAMAccountName of users using a single lookup?

Thank you!

1
javaspringsecurityldapspring-ldap

1 Answers

1
votes

Since the LDAP server is an Active Directory you could make use of the memberOf attribute in the search filter to retrieve users belonging to a specific group and set returning attribute as sAMAccountName.

(&(objectClass=user)(memberOf=""))

Note that this is not a very efficient way.