I want to find all the users that are a member of a group in a certain OU, so my filter would look something like this:
(&(objectClass=user)(memberOf=*OU=something,OU=yep,DC=dev,DC=local))
Is there a way to run a directorysearcher on the memberof property with a wildcard?
You need to set the OU you want to search as the root of your DirectorySearcher:
DirectoryEntry myOU = new DirectoryEntry("OU=something,OU=yep,DC=dev,DC=local");
DirectorySearcher srch = new DirectorySearcher(myOU);
srch.SearchScope = SearchScope.Subtree;
and then use just the objectCategory=person for your filter - I would use objectCategory which is single-valued and indexed and thus fast rather than objectClass (which is multi-valued and not indexed):
srch.Filter = "(objectCategory=person)";
If you still want to check for membership in a group in addition to being part of the OU, you can add this as a member-of part to the filter:
srch.Filter = "(&(objectCategory=person)(memberOf=cn=Group,ou=yep,dc=dev,dc=local))";
Not totally sure about the wildcards - in general, LDAP search filters do support wildcards, but I'm a bit hesitant about using a wildcard in a RDN like this group DN here.
Marc
According to this thread, wildcard search for DNs are not supported in Active Directory.