I am trying to write an integration process where I retrieve all AD users in a group 1 and then check their existence in group 2.
I initially assumed I could use the 'memberOf' keyword in the LDAP query operation to retrieve all users in a group, but this throws an error and I'm not sure it is valid.
My current process is:
1. Retrieve all users in the AD domain
2. Check for user's existence in group 1
3. Check for user's existence in group 2
This means my initial query will return nearly 20000 accounts before filtering out the ones I don't need. Is there a more efficient way of doing this?