Open e2robot opened 2 years ago
Seems to be it is "by design", as many find_* methods points to a common worker. You can comment out ldap_constants.AD_ATTRIBUTE_MEMBER addition at ms_active_directory/tree/main/ms_active_directory/core/ad_session.py:1836 and replace elif with else later at :1860 (here group member filtering applies). This trick will work only if you run find_groups_for_user, not find_groups_for_users.
hi @antonvn1 ! it was by design but that was largely because I wrote this entire library fully based on the things I thought were nice and the use cases I could think of offhand
if others want to propose changes, I'm more than happy to review PRs and merge them as long as they're reasonable
I use something like the following to get the groups a user is a member of.
netbios=os.environ["COMPUTERNAME"] session=domain.create_session_as_computer(netbios) user_cn="citizenj" groups=session.find_groups_for_user(user_cn)
Groups variable contains a list of groups with all members of each group. Is this by design ? Seems a very heavy query on a large domain with thousands of users in some groups.
I know I can get just the group names by the following
for group in groups: print (group.distinguished_name)
But is there a way to get just the group names directly without pulling all the members ?