Hi,
I need list all available Windows AD groups .
How I do it?
I need to change the attributes of Windows Users of AD, adding and remove groups.
Note: I was able to make the connection to LDAP, and I listed the groups that a user.
Do you have access via Powershell? I was given some AD commands to pull using Powershell. I used this information to make sure the AD Group was being set correctly, and to figure out what to look for in my ZAUTHENTICATE that I am trying to build.
I haven't,
I need list the groups for load in the Caché, usign the %SYS.LDAP class.
what commands did you use?
for list all my user's groups , I executed this:
s LD=##Class(%SYS.LDAP).Init("ad.com.local")
s Status=##class(%SYS.LDAP).SimpleBinds(LD,"CN=adminUser,OU=ServicesUsers,OU=IHP,DC=domain,DC=ad","password")
s Filter="sAMAccountname=richard.roeder"
s Attributes=$lb("memberof")
s BaseDN="DC=domain,DC=ad"
s Status=##Class(%SYS.LDAP).SearchExts(LD,BaseDN,$zhex("02"),Filter,Attributes,0,"","",10,50,.SearchResult)
s CurrentEntry=##Class(%SYS.LDAP).FirstEntry(LD,SearchResult)
s ObjectClass=##Class(%SYS.LDAP).GetValues(LD,CurrentEntry,"memberof")
f i=1:1:$ll(ObjectClass) w !!,$lg(ObjectClass,i)_";"
You can try the following...
https://community.spiceworks.com/topic/255740-powershell-script-to-show-all-groups-in-ad