I am looking for a solution for a custom user searchfilter. Here is the example LDAP query I use to filter out all the crap in AD:
By default, all that is there is (objectClass=organizationalPerson). I assume that I can just copy and paste my ldap query into the wildfire.xml under the field.
Do any of the experts out there know of any problems I will run into using the above ldap query?
Okay, so I didn’'t get a response so I figured I would just give it a shot… no go. Not really sure where Wildfire had the problem but I did make some progress. By only using:
So, the problem was either with my logical AND (&) or my logical NOT (!).
Or, it could have been the userAccountControl object property is not supported. I use this property to filter out disabled user accounts in AD LDAP queries. “userAccountControl:1.2.840.1135220.127.116.113:=2” means the account has been disabled.
Does anybody have any ideas?
After doing a little more research, I came across this thread:
I changed my search filter to this:
It works like a charm. Now, the only users that show up out of AD are thos with a value set for firstname, lastname, e-mail address and those that are not disabled.