DirectoryServiceData / Client / search_groups

search_groups

DirectoryServiceData.Client.search_groups(**kwargs)

Searches the specified directory for a group. You can find groups that match the SearchString parameter with the value of their attributes included in the SearchString parameter.

This operation supports pagination with the use of the NextToken request and response parameters. If more results are available, the SearchGroups.NextToken member contains a token that you pass in the next call to SearchGroups. This retrieves the next set of items.

You can also specify a maximum number of return results with the MaxResults parameter.

See also: AWS API Documentation

Request Syntax

response = client.search_groups(
    DirectoryId='string',
    MaxResults=123,
    NextToken='string',
    Realm='string',
    SearchAttributes=[
        'string',
    ],
    SearchString='string'
)

Parameters:

• DirectoryId (string) –

  [REQUIRED]

  The identifier (ID) of the directory that’s associated with the group.

• MaxResults (integer) – The maximum number of results to be returned per request.

• NextToken (string) – An encoded paging token for paginated calls that can be passed back to retrieve the next page.

• Realm (string) –

  The domain name that’s associated with the group.

  Note

  This parameter is optional, so you can return groups outside of your Managed Microsoft AD domain. When no value is defined, only your Managed Microsoft AD groups are returned.

  This value is case insensitive.

• SearchAttributes (list) –

  [REQUIRED]

  One or more data attributes that are used to search for a group. For a list of supported attributes, see Directory Service Data Attributes.

  • (string) –

• SearchString (string) –

  [REQUIRED]

  The attribute value that you want to search for.

  Note

  Wildcard (*) searches aren’t supported. For a list of supported attributes, see Directory Service Data Attributes.

Return type:

dict

Returns:

Response Syntax

{
    'DirectoryId': 'string',
    'Groups': [
        {
            'DistinguishedName': 'string',
            'GroupScope': 'DomainLocal'|'Global'|'Universal'|'BuiltinLocal',
            'GroupType': 'Distribution'|'Security',
            'OtherAttributes': {
                'string': {
                    'BOOL': True|False,
                    'N': 123,
                    'S': 'string',
                    'SS': [
                        'string',
                    ]
                }
            },
            'SAMAccountName': 'string',
            'SID': 'string'
        },
    ],
    'NextToken': 'string',
    'Realm': 'string'
}

Response Structure

• (dict) –

  • DirectoryId (string) –

    The identifier (ID) of the directory that’s associated with the group.

  • Groups (list) –

    The group information that the request returns.

    • (dict) –

      A group object that contains identifying information and attributes for a specified group.

      • DistinguishedName (string) –

        The distinguished name of the object.

      • GroupScope (string) –

        The scope of the AD group. For details, see Active Directory security groups

      • GroupType (string) –

        The AD group type. For details, see Active Directory security group type.

      • OtherAttributes (dict) –

        An expression of one or more attributes, data types, and the values of a group.

        • (string) –

          • (dict) –

            The data type for an attribute. Each attribute value is described as a name-value pair. The name is the AD schema name, and the value is the data itself. For a list of supported attributes, see Directory Service Data Attributes.

            Note

            This is a Tagged Union structure. Only one of the following top level keys will be set: BOOL, N, S, SS. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:

            'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
            

            • BOOL (boolean) –

              Indicates that the attribute type value is a boolean. For example:

              "BOOL": true

            • N (integer) –

              Indicates that the attribute type value is a number. For example:

              "N": "16"

            • S (string) –

              Indicates that the attribute type value is a string. For example:

              "S": "S Group"

            • SS (list) –

              Indicates that the attribute type value is a string set. For example:

              "SS": ["sample_service_class/host.sample.com:1234/sample_service_name_1", "sample_service_class/host.sample.com:1234/sample_service_name_2"]

              • (string) –

      • SAMAccountName (string) –

        The name of the group.

      • SID (string) –

        The unique security identifier (SID) of the group.

  • NextToken (string) –

    An encoded paging token for paginated calls that can be passed back to retrieve the next page.

  • Realm (string) –

    The domain that’s associated with the group.

Exceptions

• DirectoryServiceData.Client.exceptions.AccessDeniedException

• DirectoryServiceData.Client.exceptions.InternalServerException

• DirectoryServiceData.Client.exceptions.ValidationException

• DirectoryServiceData.Client.exceptions.DirectoryUnavailableException

• DirectoryServiceData.Client.exceptions.ThrottlingException