LDAP User filter

I am trying to create a user filter based on membership of groups called “OpenfireIM*”

Here is the filter that I am tring to use: (&(member=OpenfireIM*)(objectClass=group)(sAMAccountName=))

I know that it is not correct, I need some help.

Any suggestions?

It can be done like this:

(&(objectClass=organizationalPerson)(memberOf=CN=OpenfireIM,OU=Objects,DC=Compan y,DC=local))

you are looking for user, so objectClass=organizationalPerson

and you cant use * in name, you must use Distinguished Name instead

I can use this filter to get the users in a specific group:

(&((objectCategory=Person)(memberOf=CN=OpenfireIM_Executives,CN=Users,DC=country ,DC=company,DC=com)))

Which gets me close, but what I need to do is get every user that is in a group that contains “OpenfireIM” at the begining of the group name. I was thinking

it might be possible like this:

(&((objectCategory=Person)(memberOf=CN=OpenfireIM*,CN=Users,DC=country,DC=compan y,DC=com)))

But, no go.

Is it possible to get all the users in multiple groups?



What I do is this…

For users, I use:

<searchFilter>(&(objectClass=user)(memberOf=CN=WF_Allusers_U;CN=Users ;DC=*****))</searchFilter>

For my groups, I use this, all of my Wildfire/Openfire groups start with WF_

<groupSearchFilter>(&(objectCategory=Group)(objectClass=group)(CN=WF_ *))</groupSearchFilter>

What I did was add every user to the WF_Allusers_U group and then into their various other roster groups…

Works great for me

It looks like LDAP filter syntax can’t support the wildcard in a full DN specification like that. You should at least be able to filter the groups that get loaded, and then it shouldn’t automatically load the users not associated with those groups.

if you want to have multiple groups with the same name across separate OU’s try this as well:

(&(objectClass=userproxy)(uid=)(|(memberof=CN=IM,OU=Groups,OU=TREE1,DC=BLAH,DC=COM)(memberof=CN=IM2,OU=Groups2 ,OU=TREE2,DC=BLAH,DC=COM)))


I think that I figured out the group issue, but now it does not show when a user logs on or off, only the state of other users at the time of logging on, anyone seen that before?

I rebuilt the openfire server and all is well. Thanks for your help.


i also have same problem. im trying to use user filter like this : ((&(objectClass=organizationalPerson)(memberOf=CN=domain_users,OU=Objects,DC=Of fice,DC=local)) and when i do the test checking its fails. any suggestions what the problem might be? ill be more than happy if you can explain to me step by step what to do.