I am trying to create an LDAP filter for Windows AD that will enumerate all users of a specified group. This group will be a member of other groups, which groups contain the users.
-EDIT- For example:
user1, user2 members of IT-SysAdmins, which is a member if IT-Helpdesk, which is a member of IT-Users.
user3, user4 are members of IT-Helpdesk, which is a member if IT-Users.
I want this filter to find all users 1-4 by pointing it to IT-Users group
This does not work for me:
(&(samAccountName=%s)(objectClass=user)(samAccountType=805306368)(memberOf=CN=IT-Users,OU=DomainGlobalGroups,OU=SecurityGroups,OU=Groups,OU=Company,DC=domain,DC=local))
If I leave off the memberOf=... filter, it finds all users in the company.