Is there any way to read all groups for an Active Directory user from LotusScript or @Formula in IBM Notes, if the Active Directory was added to Directory Assistance DB on the Domino server?
Asked
Active
Viewed 1,221 times
1 Answers
2
Assuming that your code will be running on a Windows machine, you can use ADODB.Connection as described in the answer to a previous question. And as described on this TechNet page, the filter you are going to need to issue will look something like this:
(member:1.2.840.113556.1.4.1941:=cn=Jim Smith,ou=West,dc=Domain,dc=com)
The sequence of numbers is explained on this page. It is what will give you a recursive search through nested groups.
The baseDN in the LDAP URL in your ADODV.Command call will be the root of your groups in AD, and the scope will be ?sub for a subtree search. That's explained in this answer to yet another question. And here's some documentation of LDAP URL format to help you put this all together.
Community
- 1
- 1
Richard Schwartz
- 14,463
- 2
- 23
- 41