Filter for selecting active users from AD/LDAP
How to select only active AD accounts?
Below is a filter for selecting only active user accounts in ActiveDirectory:
(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))where :1.2.840.113556.1.4.803: is a bitwise AND in the LDAP format.
Enter this filter in the field Filter for importing and synchronization in Administration - System - System Settings - External authentication modules in the Import Users unit of the New external authentication module window (fig. 1)
.png)
Fig. 1. New external authentication module dialog box. Import Users unit. Filter for importing and synchronization field.