Ldap – Active Directory memberOf LDAP syntax

active-directoryidentity-managementldapsun

I want to add a user (from Sun IDM to Active Directory) to more than one group.
The command memberOf: CN=AAA,OU=AAA,DC=AAA,DC=AAA is for only one and I want to add a second one immediatly after the first; e.g.:
memberOf: CN=AAA,OU=AAA,DC=AAA,DC=AAA and CN=BBB,OU=BBB,DC=BBB,DC=BBB

Best Answer

Depending on how you're doing the adding, there are a couple of ways of doing this. MemberOf is a multi-valued attribute. If you're using an LDIF file, or direct LDAP syntax, you just add multiple MemberOf statements:

Department: Human Resources
MemberOf: CN=AAA,OU=BBB,DC=CCC,DC=DDD
MemberOf: CN=AAB,OU=BBB,DC=CCC,DC=DDD
MemberOf: CN=ABC,OU=CDE,DC=CCC,DC,DDD
Full Name: Milton Ives

Related Solutions

Windows Active Directory – Command Line to List Users in a Group

try

dsget group "CN=GroupName,DC=domain,DC=name,DC=com" -members

Ldap – Giant active directory deployment vs giant Sun LDAP

This is a good place to start: http://technet.microsoft.com/en-us/library/cc756101(WS.10).aspx.

This tool is quite outdated (it was made for Windows 2000 and only knows about < 1 Ghz CPUs), yet still says that 3-4 DCs will be more than enough for 500,000 users of which 50,000 are active daily. I don't think you should have any problem managing such a database with today's hardware.

Best Answer

Related Solutions

Windows Active Directory – Command Line to List Users in a Group

Ldap – Giant active directory deployment vs giant Sun LDAP

Related Topic