powered by Jive Software

LDAP filter: negation

LDAP and Active Directory – dang, I’'ve never had this much of a problem with LDAP filters (use ''em for other things).

For example, this filter:


should eliminate members of that security group. However, the negation doesn’‘t seem to work (the "can’'t log in to even find out" problem).

Is there a need for something equivalent for ! to for *? How on earth to do negation in LDAP queries?

Well, OK. That was simple.


Now, however, I’'m having problems excluding several security groups in a single filter – problems with chaining ORs or ANDs.Bother.

its all prefix so if you want to chain them you need to do something like (&(this)(andthis))