%SYS.LDAP - how to list all LDAP Groups

Question

Question

Richard Roeder · Feb 15, 2018

#Microsoft Windows #Microsoft Windows Server #Object Data Model #Security #Caché

Hi,

I need list all available Windows AD groups .

How I do it?

I need to change the attributes of Windows Users of AD, adding and remove groups.

Note: I was able to make the connection to LDAP, and I listed the groups that a user.

Discussion (4)2

Log in or sign up to continue

Scott Roth · Feb 15, 2018

You can try the following...

https://community.spiceworks.com/topic/255740-powershell-script-to-show-all-groups-in-ad

0 0

score 0 · Answer 1 · 2018-02-15T11:53:24-05:00

Do you have access via Powershell? I was given some AD commands to pull using Powershell. I used this information to make sure the AD Group was being set correctly, and to figure out what to look for in my ZAUTHENTICATE that I am trying to build.

score 0 · Answer 2 · 2018-02-15T12:13:42-05:00

I haven't,

I need list the groups for load in the Caché, usign the %SYS.LDAP class.

what commands did you use?

score 0 · Answer 3 · 2018-02-15T12:29:55-05:00

for list all my user's groups , I executed this:

s LD=##Class(%SYS.LDAP).Init("ad.com.local")
s Status=##class(%SYS.LDAP).SimpleBinds(LD,"CN=adminUser,OU=ServicesUsers,OU=IHP,DC=domain,DC=ad","password")
s Filter="sAMAccountname=richard.roeder"
s Attributes=$lb("memberof")
s BaseDN="DC=domain,DC=ad"
s Status=##Class(%SYS.LDAP).SearchExts(LD,BaseDN,$zhex("02"),Filter,Attributes,0,"","",10,50,.SearchResult)
s CurrentEntry=##Class(%SYS.LDAP).FirstEntry(LD,SearchResult)
s ObjectClass=##Class(%SYS.LDAP).GetValues(LD,CurrentEntry,"memberof")
f i=1:1:$ll(ObjectClass) w !!,$lg(ObjectClass,i)_";"