Microsoft Active Directory LDAP Filters (activedLdapFilterProperties)

Specifies the list of Microsoft Active Directory LDAP filters.

NameTypeDefaultDescription

groupFilter

string

(&(cn=%v)(objectcategory=group))

An LDAP filter clause for searching the user registry for groups. When defined, this filter requires an Attribute Value Assertion (AVA) containing a %v. For example, cn=%v. During searches, the %v in the AVA is replaced with the group or group pattern being searched for.

groupIdMap

string

*:cn

An LDAP filter that maps the name of a group to an LDAP entry.

groupMemberIdMap

string

memberOf:member

An LDAP filter that identifies user to group memberships.

id

string

A unique configuration ID.

userFilter

string

(&(sAMAccountName=%v)(objectcategory=user))

An LDAP filter clause for searching the user registry for users. When defined, this filter requires an Attribute Value Assertion (AVA) containing a %v. For example, uid=%v. During searches, the %v in the AVA is replaced with the user or user pattern being searched for.

userIdMap

string

user:sAMAccountName

An LDAP filter that maps the name of a user to an LDAP entry.