I'm working on a new system that my superiors have determined should use
LDAP for it's authentication and user management. Not real bad, but it's
proving to be a bit of a hassel.

I'm using a Lotus Domino server for the LDAP part. If, in the
ldap_search(...) function I pass it "o=myCompany" for the dn parameter (the
second parameter), I only get back the list of users, not the groups. I
only want back the groups in this instance.

The problem stems from the way Domino is returning the group information...
they don't belong to an "o" or anything like that. The only way to set
them apart from a person is through the objectclass, which can't be used in
the dn parameter.

Here's what Domino gives back for a group:

CN=cfUnixAdmin
cn=cfUnixAdmin
objectclass=top
objectclass=groupOfNames
objectclass=dominoGroup
member=CN=Bob Jones,O=myCompany
member=CN=John Doe,O=myCompany
member=CN=Bubba Smith,O=myCompany

So, the question is, how do you form an ldap search to get back the groups?
--
Mike Discenza