Re: [HELP NEEDED] LDAP import AD groups

Wed, 05 Aug 2015 10:50:08 -0700 

Sure, thanks a lot!

WBR, Maxim
(from mobile, sorry for the typos)
On Aug 5, 2015 23:32, "Michael Wuttke" <mwut...@beuth-hochschule.de> wrote:

> I will have a look tomorrow. Ok?
>
> Thanks,
> Michael
>
> Am 05.08.2015 um 16:16 schrieb Maxim Solodovnik:
> > Any chance to get the list of the groups by uid? Not dn?
> >
> > WBR, Maxim
> > (from mobile, sorry for the typos)
> >
> > On Aug 5, 2015 21:56, "Michael Wuttke"
> > <michael.wut...@beuth-hochschule.de
> > <mailto:michael.wut...@beuth-hochschule.de>> wrote:
> >
> >     Hi,
> >
> >     the following query gives me only a list of my groups:
> >     ldapsearch -H "ldaps://servername:636/" -D "mycompany\mwuttke" -b
> >     "ou=Accounts,dc=mycompany,dc=de" -W "(uid=mwuttke)" -LLL -y ~/.pw
> >     memberof
> >     dn: CN=Michael Wuttke,OU=Employee,OU=Accounts,DC=mycompany,DC=de
> >     and so on ...
> >
> >     Thanks,
> >     Michael
> >
> >     Am 05.08.2015 um 17:43 schrieb Maxim Solodovnik:
> >
> >         Any member? Or currently logged in member?
> >
> >         WBR, Maxim
> >         (from mobile, sorry for the typos)
> >
> >         On Aug 5, 2015 20:59, "Michael Wuttke"
> >         <michael.wut...@beuth-hochschule.de
> >         <mailto:michael.wut...@beuth-hochschule.de>
> >         <mailto:michael.wut...@beuth-hochschule.de
> >         <mailto:michael.wut...@beuth-hochschule.de>>> wrote:
> >
> >             Hello Maxim,
> >
> >             with this ldap search query I will get the groups of an AD
> >         member:
> >             ldapsearch -H "PROTOKOLL://SERVER:PORT/" -D "DOMAIN\ACCOUNT"
> -b
> >             "SEARCHBASE" -W "FILTER" (-LLL) memberof
> >
> >             Am 05.08.2015 um 16:00 schrieb Michael Wuttke:
> >
> >                 Hello Maxim,
> >
> >                 sorry but we use M$ AD and it returns nothing or only
> errors
> >                 with this
> >                 query. ;-(
> >
> >                 Greetings,
> >                 Michael
> >
> >                 Am 05.08.2015 um 15:18 schrieb Maxim Solodovnik:
> >
> >                     Hello Michael,
> >
> >                     Thanks for your reply
> >                     I need query to get all groups of user with some uid.
> >
> >                     so I get uid for for the user: for ex. "solomax"
> >                     I need to get all groups this user is part of.
> >
> >                     On my test LDAP server this query:
> >                     (&(memberUid=test1)(objectClass=posixGroup)) returns
> >         DNs of
> >                     all groups
> >                     for given UID
> >
> >
> >
> >                     On Wed, Aug 5, 2015 at 7:11 PM, Michael Wuttke
> >                     <michael.wut...@beuth-hochschule.de
> >         <mailto:michael.wut...@beuth-hochschule.de>
> >                     <mailto:michael.wut...@beuth-hochschule.de
> >         <mailto:michael.wut...@beuth-hochschule.de>>
> >                     <mailto:michael.wut...@beuth-hochschule.de
> >         <mailto:michael.wut...@beuth-hochschule.de>
> >                     <mailto:michael.wut...@beuth-hochschule.de
> >         <mailto:michael.wut...@beuth-hochschule.de>>>> wrote:
> >
> >                          Hello Maxim,
> >
> >                          I don't know how to use the ldap_search for
> >         your query.
> >
> >                          But we use owncloud. Here are our LDAP queries
> >         we use
> >                     for owncloud:
> >
> >                          the ldap query for users:
> >                          (&(|(objectclass=person))
> >
> >
> >
>  
> (|(|(memberof=CN=Owncloud-admins,OU=Groups,DC=mycompany,DC=de)(primaryGroupID=xyz0))
> >
> >
> >
> >
>  (|(memberof=CN=Students,OU=Groups,DC=mycompany,DC=de)(primaryGroupID=xyz1))
> >
> >
> >
> >
>  
> (|(memberof=CN=Employee,OU=Global,OU=Groups,DC=mycompany,DC=de)(primaryGroupID=xyz2))
> >
> >
> >
> >
>  
> (|(memberof=CN=Academics,OU=Global,OU=Groups,DC=mycompany,DC=de)(primaryGroupID=xyz3))
> >
> >                          ))
> >
> >                          the ldap query for login attributes:
> >                          (&(&(|(objectclass=person))
> >
> >
> >
>  
> (|(|(memberof=CN=Owncloud-admins,OU=Groups,DC=mycompany,DC=de)(primaryGroupID=xyz0))
> >
> >
> >
> >
>  (|(memberof=CN=Students,OU=Groups,DC=mycompany,DC=de)(primaryGroupID=xyz1))
> >
> >
> >
> >
>  
> (|(memberof=CN=Employee,OU=Global,OU=Groups,DC=mycompany,DC=de)(primaryGroupID=xyz2))
> >
> >
> >
> >
>  
> (|(memberof=CN=Academics,OU=Global,OU=Groups,DC=mycompany,DC=de)(primaryGroupID=xyz03))
> >
> >                          (|(sAMAccountName=%uid)))
> >
> >                          and the ldap query for groups:
> >
> >
> >
>  
> (&(|(objectclass=group))(|(cn=Employee)(cn=Students)(cn=Owncloud-admins)(cn=Academics)))
> >
> >
> >                          Here is the docu how to configure ldap auth:
> >
> >
> >
> https://doc.owncloud.org/server/8.1/admin_manual/configuration_user/user_auth_ldap.html
> >
> >
> >                          and the cowncloud code repo the ldap auth app:
> >
> >         https://github.com/owncloud/core/tree/master/apps/user_ldap
> >
> >                          Maybe it helps you?
> >
> >                          Thanks & Greetings,
> >                          Michael
> >
> >                          Am 05.08.2015 um 14:29 schrieb Maxim Solodovnik:
> >
> >                              ups, sorry wrong keyboard :(((
> >
> >                              ---- Can anyone with access to AD check if
> this
> >                     query works in
> >                              AD, and
> >                              сщккусе ше ащк ФВ ша тще,
> >                              ++++ Can anyone with access to AD check if
> this
> >                     query works in
> >                              AD, and
> >                              correct it for AD if not,
> >
> >                              On Wed, Aug 5, 2015 at 6:28 PM, Maxim
> >         Solodovnik
> >                              <solomax...@gmail.com
> >         <mailto:solomax...@gmail.com> <mailto:solomax...@gmail.com
> >         <mailto:solomax...@gmail.com>>
> >                     <mailto:solomax...@gmail.com
> >         <mailto:solomax...@gmail.com> <mailto:solomax...@gmail.com
> >         <mailto:solomax...@gmail.com>>>
> >                              <mailto:solomax...@gmail.com
> >         <mailto:solomax...@gmail.com>
> >                     <mailto:solomax...@gmail.com
> >         <mailto:solomax...@gmail.com>> <mailto:solomax...@gmail.com
> >         <mailto:solomax...@gmail.com>
> >                     <mailto:solomax...@gmail.com
> >         <mailto:solomax...@gmail.com>>>>>
> >                     wrote:
> >
> >                                   Hello All,
> >
> >                                   I'm currently trying to implement
> >
> https://issues.apache.org/jira/browse/OPENMEETINGS-1214
> >                                   I was able to find query to get all
> >         groups in
> >                     LDAP:
> >
> >                                   The following query seems to be able
> >         to list
> >                     all groups for
> >                              the user
> >                                   with "uid == test1":
> >                              (&(memberUid=test1)(objectClass=posixGroup))
> >
> >                                   Can anyone with access to AD check if
> this
> >                     query works in
> >                              AD, and
> >                                   сщккусе ше ащк ФВ ша тще,
> >
> >                                   Thanks in advance!
> >
> >                                   --
> >                                   WBR
> >                                   Maxim aka solomax
> >
>

Reply via email to