This content has been marked as final. Show 1 reply
The memberurl is pretty much it. As far as I know, there really isn't much more to the object. If you already have a DN and you want to know whether it would be returned by a search defined by the memberurl, you can probably do some compare operations or just tack on the filter from the memberurl, like:
ldapsearch -s base -b <UserDN> "MemberUrlFilter" dn
and see if the DN comes back. Depending on the scope in the memberURL, you can also probably do something with entrydn to see if the base dn in the memberurl is superior to the userDN, like
ldapsearch -s base -b <UserDN> "(&(MemberUrlFilter)(entrydn=*,MemberUrlBaseDN))"
or just check that by eye. Bottom line, the simplest way is to just do the search defined in the memberURL and see if your DN comes back.