Search query filter

LDAP search filters are defined using a notation that is fully described in RFC 2254 “The String Representation of LDAP Search Filters”. You can see this document at http://rfc.net/rfc2254.html.

To establish your own filters, you also need an understanding of your directory’s schema. The schema defines the objects and their attributes that constitute your directory content.

Examples

The Directory Synchronization Client lets you define a search query filter that targets the objects in your directory that are examined for email address attributes.

If you want to include all objects in your search query, enter the following in the Search filter field:

(objectclass=*)

The following filter includes all Microsoft Exchange users that are currently enabled:

(&(objectclass=user)(msexchuserAccountcontrol=0))

The following filter includes all objects that define users and groups. This may include both security groups and mailing lists.

(|(objectclass=user)(objectclass=group))

If you want to exclude the system mailbox objects in Microsoft Exchange from the search described above, you could modify the filter as follows:

(&(|(objectclass=user)(objectclass=group))

(!(cn=SystemMailbox*)))