When I go to the Group Audit dashboard, I am unable to retrieve the group members. When I open the search in a search window
| ldapsearch domain=DOMAIN1 search="(&(objectclass=group)(cn=Domain Admins))"|fields *|ldapgroup|`split-ldapgroup`|table member_name,member_domain,member_type|sort member_name|rename member_name as "Username",member_domain as "Domain",member_type as "Membership Type"
I get No results found.
If I change the search to include a domain switch on the ldapgroup command, I get results.
| ldapsearch domain=DOMAIN1 search="(&(objectclass=group)(cn=Domain Admins))"|fields *|ldapgroup domain=DOMAIN1|`split-ldapgroup`|table member_name,member_domain,member_type |sort member_name|rename member_name as "Username",member_domain as "Domain",member_type as "Membership Type"
In the sa-ldapsearch configuration, I had to leave the default with only a server entry and create additional alternate domains. If I configure the default domain with all DOMAIN1's configuration, then I don't anything. We have a forest with 4 root domains (yes I know!!) and need to specify the alternate domains.
Is there a place where I can edit the search so that it puts in the domain switch for the ldapgroup command as well?
Thanks
↧
