i have one AD group that contains 5 users. 3 of the users are from the Domain1
and 2 are from a trusted Domain2
i have a problem getting the users from domain2
after i read out what users have access to what groups.
I'm using openquery to adsi. (The domain and servers are 2008 R2)
This is an expansion of this topic
Query AD Group Membership Recursively Through SQL
Update This is the query but im getting error:
select samAccountName,distinguishedName
FROM OPENQUERY(ADSI,'
SELECT samAccountName,distinguishedName
FROM ''LDAP://domain/DC=...,DC=....,DC=....''
WHERE
objectCategory=''user'' AND
memberof:1.2.840.113556.1.4.1941:= ''CN=..,OU=..,DC=...,DC=....,DC=....'' ')
This is my query that workes but im not getting the nested groups OR users from other domain.
select samAccountName,distinguishedName
FROM OPENQUERY(ADSI,'
SELECT samAccountName,distinguishedName
FROM ''LDAP://domain/DC=...,DC=....,DC=....''
WHERE
objectCategory=''user'' AND
memberof= ''CN=..,OU=..,DC=...,DC=....,DC=....'' ')
No knowledge on openquery to adsi. Only some comments:
UPDATE:
Okay, according to your link Query AD Group Membership Recursively Through SQL,
the following should work:
Also, please check the functional level according to:
http://www.technipages.com/active-directory-how-to-check-domain-and-forest-functional-level
The ":1.2.840.113556.1.4.1941:=" syntax requires functional level of 2008 R2.