
Filtering LDAP returned attributes


So we have this LDAP query (against OpenLDAP):

(&(objectClass=groupOfNames)(member=cn=admin,dc=test,dc=com))

The query returns all groups that admin is a member of. It also returns all other users in those groups. This is an issue when you have +10.000 users that are in the same group.

Is there a way to just return the group names? Like a returned attributes filter?

In Java there is an option like that, but I don't know if it just does the query and filters the results client-side, or how to write it as an LDAP query. Example:

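// Attributes to return for each matching entry
String[] returnedAtts = {"memberOf", "name", "mail"};
search.setReturningAttributes(returnedAtts);
// Pass username as filter argument {0} so JNDI escapes it instead of concatenating it into the filter
NamingEnumeration<SearchResult> answer = ctx.search(searchBase, "(&(objectClass=user)(sAMAccountName={0}))", new Object[]{username}, search);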

Yes, I know. Using memberOf would be a better option. But this LDAP doesn't have that attribute.


Solution

  • If you use setReturningAttributes(list), the LDAP server will return only those. You do not have to include the attributes your search filter is based on. This is the correct solution to your problem.
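
The requested attribute list travels to the server inside the search request itself (the AttributeSelection field of the LDAPv3 SearchRequest, RFC 4511 section 4.5.1), so the trimming is done server-side and the member DNs never cross the wire. The following is an added example, not part of the original question or answer: it BER-encodes the group query from the question twice, once asking only for `cn` and once with an empty list (which means "all user attributes"). The helper names, message ID 1, and requesting `cn` as the group name are assumptions.

```python
# Added example: BER-encode an LDAPv3 SearchRequest (RFC 4511, section 4.5.1).
# Helper names and the sample values below are constructed for illustration.

def tlv(tag: int, value: bytes) -> bytes:
    """One BER element with a definite-length header."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + value

def octets(s: str) -> bytes:
    """OCTET STRING, used for DNs, attribute names and assertion values."""
    return tlv(0x04, s.encode("utf-8"))

def equality(attr: str, value: str) -> bytes:
    """equalityMatch filter item: context tag [3], constructed (0xA3)."""
    return tlv(0xA3, octets(attr) + octets(value))

def search_request(msg_id: int, base: str, filters, attributes) -> bytes:
    """LDAPMessage carrying a subtree search; `filters` are ANDed together.
    msg_id must be below 128 so it fits one positive INTEGER byte."""
    body = (
        octets(base)
        + tlv(0x0A, b"\x02")  # scope: wholeSubtree
        + tlv(0x0A, b"\x00")  # derefAliases: neverDerefAliases
        + tlv(0x02, b"\x00")  # sizeLimit: 0 (no client-requested limit)
        + tlv(0x02, b"\x00")  # timeLimit: 0
        + tlv(0x01, b"\x00")  # typesOnly: FALSE
        + tlv(0xA0, b"".join(equality(a, v) for a, v in filters))  # and [0]
        + tlv(0x30, b"".join(octets(a) for a in attributes))  # AttributeSelection
    )
    # SearchRequest is [APPLICATION 3], constructed (0x63)
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x63, body))

BASE = "dc=test,dc=com"
FILTERS = [("objectClass", "groupOfNames"),
           ("member", "cn=admin,dc=test,dc=com")]

# Only cn is requested: the server omits the member values from each entry.
GROUP_NAMES_ONLY = search_request(1, BASE, FILTERS, ["cn"])
# Empty list: the server returns all user attributes, including every member.
ALL_USER_ATTRS = search_request(1, BASE, FILTERS, [])

if __name__ == "__main__":
    print(GROUP_NAMES_ONLY.hex())
    print(ALL_USER_ATTRS.hex())
```

With the OpenLDAP command-line client, the same selection is made by listing the wanted attributes after the filter argument of `ldapsearch`.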