October 6th, 2012, 09:04 AM
LDAP, GC, memberOf, no access to domains
Hey guys. I'm having some trouble figuring something out. My company has multiple domains (say one.company.com, two.company.com and three.company.com) but I only have access to one of them (say one.company.com). So I can run queries against that one but not the others.
So what I have been doing is running queries against the GC for company.com and that searches everything. Problem is that does not return memberOf details. Anyway I can query the GC for an object and then get it's memberOf?
GC result might return an object that is in one of the domains I do not have access to so I cannot just run a second query against that one....
"<GC://dc=company,dc=com>;(&(...)(...));name,CN,distinguishedName;subtree" gives me "cn=....,ou=bravo,ou=alpha,dc=two,dc=company,dc=com" which is the result I want, but now I need that objects parentOf and I can't do "<LDAP://ou=bravo,ou=alpha,dc=two,dc=company,dc=com>..." because I do not have access to two.company.com.