I am trying to update my filter currently appled to the People Picker in SharePoint (WSS).
I am using stsadm to set the filter.
Something like...
stsadm -o setproperty -url http://webserver:39770 -pn peoplepicker-searchadcustomfilter -pv "(&(userAccountControl=512)(objectCategory=person)(objectClass=user)(memberOf=cn=All Users Group,ou=E-Mail Distribution Lists,dc=domain,dc=com,dc=au))"
I know how to do this but want to change the LDAP query. This is where I need your help.
I would like to query an OU in AD and return all the groups in it.
As a fall back I could put all groups in the OU into their own group and just query the group using the following query...
(&(memberOf=CN=WSSPeoplePickerGroup,OU=Groups,DC=domain,DC=com,DC=au)(objectCategory=group))
... but I would like to directly query the OU if I can. It has become a bone I don't want to let go of just yet, so hopefully there is someone smarter than me out there.
I think where I need to head is something like the following query I found. As I understand it this is known as an extensible search match and they are filtering on the 'name' of OU but I am having trouble seeing how I might apply this to what I want (despite the numerous attempts I have made), if this is indeed the approach I should take.
(&(objectClass=group)(&(ou:dn:=Chicago)(!(ou:dn:=Wrigleyville))))
TIA