I just installed 3.8.1 and I am trying to filter the LDAP (Active Directory) search . I have done searches in the past and have found several filter strings that can be used…
**removes computer accounts, system accounts, disabled users, and contacts. It also uses users that have an email address **
(objectclass=person)(mail=*)(!(objectclass=computer))(!(objectclass=contact))(!( cn=SystemMailbox))(!(cn=IUSR))(!(cn=IWAM))(!(userAccountControl:1.2.840.1 1 3556.1.4.803:=2)))
At this point…I can only get the first one that remove computer accounts from LDAP.
I am hoping someone can help me out here…
What I am looking to do is to only show active users and groups. Remove disabled users, remove computers, remove system accounts, etc.
make sure you don’t have any extra spaces…loks like you have another one userAccountControl:1.2.840.11 3556.1.4.803:=2))) there shouldn’t be a space between 113556