>> Maybe this?
> Could be. At least i'm starting to understand, but still does not work.
Finally i've got a working query as:
${lookup ldapm {user=LOCAL_AD_BINDDN pass=LOCAL_AD_PASS ldap:///LOCAL_AD_BASE_DN?uid?sub?(&(objectClass=user)(|\
${sg \
{ ${sg \
{ ${sg \
{ ${sg \
{ ${lookup ldap {user=LOCAL_AD_BINDDN pass=LOCAL_AD_PASS ldap:///LOCAL_AD_BASE_DN?member?sub?(&(objectClass=group)(cn=${quote_ldap:${local_part}}))}} }\
{,,} {%}}\
}\
{(,|^)([^,]+)} {(distinguishedName=${quote_ldap:\$2})}}\
}\
{%} {,}}\
}\
{ } {}}\
))}}
So:
a) query 'member' in group
b) replace ',,' with '%' in result
c) replace comma separated DN with '(distinguishedName=DN)'
d) replace back '%' to ','
e) remove spaces, that really i've not understood where get inserted. ;-)
A rather complex query, but works. ;-)
--
Per trovare qualcosa sui siti di Ms devi usare Google :-)
(Simo Sorce, da samba-it)
