LDAP generally doesn't have any such thing as a "primary group" for a user. A user can be a member of any number of groups, and none of them is given any special priority over the others.
If you're talking about using a directory server as an alternate name service repository for something like /etc/group (as defined in RFC 2307 or draft-howard-rfc-2307bis), then I believe that the gidNumber attribute in the user's entry would hold the numeric identifier for the group, and then you could retrieve the entry for that group with a subtree search that uses a filter like "(gidNumber={value})".
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I just realized there should probably be one minor alteration to the query I provided -- it should be "(&(objectClass=posixGroup)(gidNumber={value}))". Otherwise, the filter would match entries for members of that group as well.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
How do I retrieve primary group of a user using Unboundid ldap sdk? Please kindly provide me any snippet!
LDAP generally doesn't have any such thing as a "primary group" for a user. A user can be a member of any number of groups, and none of them is given any special priority over the others.
If you're talking about using a directory server as an alternate name service repository for something like /etc/group (as defined in RFC 2307 or draft-howard-rfc-2307bis), then I believe that the gidNumber attribute in the user's entry would hold the numeric identifier for the group, and then you could retrieve the entry for that group with a subtree search that uses a filter like "(gidNumber={value})".
Thank you so much !
I just realized there should probably be one minor alteration to the query I provided -- it should be "(&(objectClass=posixGroup)(gidNumber={value}))". Otherwise, the filter would match entries for members of that group as well.