how to get groups of a user in ldap

Question

i am using openldap with phpldapadmin, and i\'m trying to check what are the groups of a certain user. this is my scheme ...

this is what i tried, but it

Answer 1

There are tons of literature on LDAP and queries, that explain how to search for groups, with examples.

First the baseDN (-b) should be the top of your hierarchy: dc=openldap.

Second, you're searching from groups, so the filter should include (objectclass=groupOfNames)

Finally, you're searching for the groups a user is member of, and the filter should be (member=cn=root,ou=django,dc=openldap)

The resulting query is then:

ldapsearch -x -H "ldap://openldap" -D "cn=admin,dc=openldap" -w admin -b "dc=openldap" '(&(objectClass=groupOfNames)(member=cn=root,ou=django,dc=openldap))'

This will return the group entries. If you are only interested in the name, add   dn at the end of the query.

Answer 2

To get groups of user for user1 this search filter should be enough:

(&(memberUid=user1))

However note that group search attrribute may be different based on open ldap configuration. It can be member, uniqueMember, memberUid etc