LDAP Filtering

Just started to work with Openfire 3.7.0 and hitting a road block with LDAP. I know there is a way to filter results without bringing in tons of AD items into Openfire, but I’m not having any luck figuring out the syntax.

Users are located in a Departments OU - which I have created as the Base DN successfully. However, the users and their computers are being imported so when you search you see the user and user-PC. I’d like to filter out anything with a ‘-PC’ from coming in. How exactly would I build that with ldap.searchfilter?

Likewise, our groups in AD are in the Users OU - being that the Base DN is at Departments, those won’t ever come in unless I change the Base DN. Would I use the ldap.groupsearchfilter in this case?

It seems like I’m at the mercy of the AD setup.

After doing some forum digging, might have figured out a better way (although maybe a few extra steps in the long run). http://community.igniterealtime.org/message/196870#196870