Can I build a dynamic group based on part of a value contained in 'MemberOf' user attribute ?

Hi,

Can I build a dynamic group based on part of a value contained in 'MemberOf' user attribute ?

I have several groups with the same pattern but in different OU, they all have in their name the string 'RBA-CU-JMF'.

I tried to make a dynamic group with the following parameters:

Object Class: User

Object Property: Member Of

Condition: Contains

Value: RBA-CU-JMF

But the search remains empty.

If I replace the condition by 'Is Exactly' and replace 'RBA-CU-JMF' by the full DN it works but then I have to find each group with this pattern and specify each DN. It's not what I need since new groups with this pattern can be created later and their members need to be included in this dynamic group.

Have you experienced this?

Regards,

Nicolas

Parents
  • I'm assuming you need all the users in one flat group (maybe for a sync to AAD)

    A bit of an ugly workaround (because you can't to a "contains" on a DN field), but may work:

    Create a Dynamic Group of all the groups with Name Contains "RBS-CU-JMF". Name it something worthwhile like: "RBS-CU-JMF Groups"
    Create another Dynamic Group called: "RBS-CU-JMF Users" with an advanced search of: (&(objectCategory=user)(memberOf:1.2.840.113556.1.4.1941:=CN=RBS-CU-JMF Groups,OU=Groups,DC=ACME,DC=com)

Reply
  • I'm assuming you need all the users in one flat group (maybe for a sync to AAD)

    A bit of an ugly workaround (because you can't to a "contains" on a DN field), but may work:

    Create a Dynamic Group of all the groups with Name Contains "RBS-CU-JMF". Name it something worthwhile like: "RBS-CU-JMF Groups"
    Create another Dynamic Group called: "RBS-CU-JMF Users" with an advanced search of: (&(objectCategory=user)(memberOf:1.2.840.113556.1.4.1941:=CN=RBS-CU-JMF Groups,OU=Groups,DC=ACME,DC=com)

Children
No Data