I run a query (memberof=CN=Domain Users,DC=MYDOMAIN, DC=MYCOM)
but it return zero result, same query if I run for other group it return results.
As far as I understand, when you create a user it's by default member of Domain Users
. You can't see it in the memberOf
attribute, but you can see it in the primaryGroupID (513=(GROUP_RID_USERS))
. You can't suppress it unless you add a group and make it primaryGoup for a given user.
A command like the following can allow you to build the list of people belonging to Domain Users
.
ldifde -f file.ldf -d "ou=Monou,dc=dom,dc=fr" -r "(&(objectclass=user)(|(primaryGroupID=513)(memberOf=CN=Utilisateurs du domaine,CN=Users,DC=dom,DC=fr)))"
Be Careful
Administrator
to be able to filter on memberOf
attribute.Changing the Primary group.
There is just ONE primary group. You can change the primary group. For that, you add the user to another group and make it primary. Then Primary group will be change to the RID of the other group
Here under the primary Group is MonGroupe
.
You can see the RID when it's selected as primary group.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With