SQL & PL/SQL

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

DBMS_LDAP - Get AD group members

partlycloudyOct 12 2016 — edited Jan 12 2017

With some help from this forum, I was able to query Active Directory to get all the groups a particular user belongs to. Now I would like to go the other way i.e. given a (AD security) group, I would like to list all its members.

I used a search filter of (&(objectCategory=group)(cn=My Group)) and attribute member to the DBMS_LDAP.SEARCH_S API and this returns a list of CNs e.g.

CN=Doe\, John,OU=Users,OU=Group4,OU=NY,DC=domain,DC=com

But member is a multi-valued attribute. Instead of parsing the CN string, I would like to retrieve some other key attributes about the user that are stored in custom properties in AD e.g. employeeNumber, employeeID, etc.

Something similar to the PowerShell cmdlet Get-AdGroupMember

Any ideas? Thanks

This post has been answered by klacey on Jan 11 2017

Jump to Answer

Locked Post

New comments cannot be posted to this locked post.

Locked on Feb 8 2017

Added on Oct 12 2016

1 comment

3,864 views