Search Filters

I am looking for a solution for a custom user searchfilter. Here is the example LDAP query I use to filter out all the crap in AD:


By default, all that is there is (objectClass=organizationalPerson). I assume that I can just copy and paste my ldap query into the wildfire.xml under the field.

Do any of the experts out there know of any problems I will run into using the above ldap query?



Okay, so I didn’'t get a response so I figured I would just give it a shot… no go. Not really sure where Wildfire had the problem but I did make some progress. By only using:


So, the problem was either with my logical AND (&) or my logical NOT (!).

Or, it could have been the userAccountControl object property is not supported. I use this property to filter out disabled user accounts in AD LDAP queries. “userAccountControl:1.2.840.113556.1.4.803:=2” means the account has been disabled.

Does anybody have any ideas?

After doing a little more research, I came across this thread:

I changed my search filter to this:

It works like a charm. Now, the only users that show up out of AD are thos with a value set for firstname, lastname, e-mail address and those that are not disabled.