Authentication extended query to verify multiple groups
-
Hello!
I'm running a Windows Server 2019 domain controller for authentication. I've already studied the Microsoft wiki.
https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx
I'm trying to create a query which verifies whether a user is a member of one or the other group.
Verifying just one group works fine.
memberOf=CN=GroupA,DN=test,DN=domainTo verify two or more groups, according to the wiki, this should work:
(!(memberOf=CN=GroupA,DN=test,DN=domain)(memberOf=CN=GroupB,DN=test,DN=domain))
I'm not quite sure what the problem exactly is.
Not even this works:
(memberOf=CN=GroupA,DN=test,DN=domain)Is it a syntax error?
Thanks in advance for your help!
-
Can't believe it! Randomly tried something out and it works.
So the answer is:
!(memberOf=CN=GroupA,DN=test,DN=domain)(memberOf=CN=GroupB,DN=test,DN=domain)Sometimes less is more :)
-
@wellcomefit
EDIT, replace ! with |