Group
Stores a list of user Distinguished Names (DNs) for managing access and security roles on organizational resources.
テーブル固有の情報
Select
すべてのカラムは、演算子=、>=、<=、!=、LIKE、AND、およびOR のサーバー側の処理をサポートします。その他のフィルタは本製品 内でクライアント側で実行されます。例えば、次のクエリはLDAP によって処理されます。
SELECT * FROM Group WHERE GroupType != '-2147483644' AND ObjectClass = 'top;group' LIMIT 5
Insert
Group を追加するには、Id、DN、およびBaseDN 以外のすべてのフィールドを指定できます。必須のフィールドはRDN とObjectClass です。次に例を示します。
INSERT INTO Group (RDN, ObjectClass) VALUES ('CN=Domain Admins', 'group')
Update
Id、DN、およびBaseDN 以外のすべてのカラムは、WHERE 句にId を指定することで更新できます。次に例を示します。
UPDATE Group SET Member = 'CN=SUPPORT_388945a0,CN=Users,DC=MyDC' WHERE Id = '1|CN=HelpServicesGroup,CN=Users,DC=MyDC'
Delete
DELETE ステートメントにGroup のId を指定することで、グループを削除できます。次に例を示します。
DELETE FROM Group WHERE Id = '1|CN=HelpServicesGroup,CN=Users,DC=MyDC'
Columns
| Name | Type | ReadOnly | References | DataFormat | Description |
| Id [KEY] | String | True |
A combined index and Distinguished Name (DN) uniquely identifying the group. Multiple indices are supported if the column is set to 'SplitDataByRow'. | ||
| DN | String | True |
The full Distinguished Name (DN) that uniquely identifies the group in the LDAP directory. | ||
| RDN | String | False |
The Relative Distinguished Name (RDN), representing the unique portion of the DN within its parent container. | ||
| BaseDN | String | True |
The base Distinguished Name (BaseDN) indicating the starting point for LDAP operations related to the group. | ||
| GroupType | String | False | DelimitedData |
A set of flags that define the type and scope of the group object, such as whether it is a security or distribution group. Refer to LDAP documentation for possible values. | |
| ObjectClass | String | False | SplitDataByRow |
A list of LDAP object classes from which the group is derived, defining its attributes and behavior. | |
| Member | String | False | DelimitedData |
A list of Distinguished Names (DNs) representing users or other groups that are members of this group. | |
| NTGroupMembers | String | False | DelimitedData |
An unused attribute related to legacy Windows NT group membership functionality. | |
| OperatorCount | String | False | DelimitedData |
Tracks the number of operators assigned to this group for administrative purposes. | |
| AdminCount | String | False | DelimitedData |
Indicates whether the object's Access Control Lists (ACLs) have been adjusted for higher security due to membership in an administrative group. | |
| GroupAttributes | String | False | DelimitedData |
An unused attribute associated with additional group-specific attributes. | |
| GroupMembershipSAM | String | False | DelimitedData |
Provides support for down-level Windows NT group membership functionality. | |
| ControlAccessRights | String | False | DelimitedData |
Specifies the access control rights for determining which users can perform specific operations on the group. | |
| DesktopProfile | String | False | DelimitedData |
Specifies the location of the desktop profile for a user or group of users. This attribute is no longer in use. | |
| NonSecurityMember | String | False | DelimitedData |
Specifies non-security members of the group, often used for Exchange distribution lists. | |
| ManagedBy | String | False | DelimitedData |
The Distinguished Name (DN) of the user assigned as the manager of this group object. | |
| PrimaryGroupToken | String | False | DelimitedData |
A computed attribute used to retrieve the membership list of certain groups, such as Domain Users. Membership lists are not explicitly stored for scalability. | |
| String | False | DelimitedData |
A list of email addresses associated with the group or its members. |
Pseudo-Columns
SELECT ステートメントのWHERE 句では、疑似カラムフィールドを使用して、データソースから返されるタプルを詳細に制御することができます。
| Name | Type | Description |
| Filter | String |
Defines an explicit LDAP filter that overrides other filter values set in the WHERE clause of the query. |