I ended up using the "tokenGroups" property of the user, which seems to return all the groups the user is in, even the ones in which he is a member transitively. Here's my code:

    DirectorySearcher searcher = new DirectorySearcher();
    DirectoryEntry rootEntry = new DirectoryEntry(_ldap, _loginName, _password, AuthenticationTypes.ReadonlyServer);
    searcher.SearchRoot = rootEntry;
    searcher.SearchScope...

One solution:

    $dn = "CN=TEST_FOLDER_RW,OU=Groups,OU=Managed,OU=europe,DC=company,DC=com"
    $path = $dn.Split(",")
    $name = $path[0] -replace 'CN=',''
    $path = ($path[1..$path.Count]) -join ','

Then $name and $path are equal to:

    $name
    TEST_FOLDER_RW
    $path
    OU=Groups,OU=Managed,OU=europe,DC=company,DC=com

...