LDAP Filters

dd

 

LDAP Filter and escape characters 

http://support.microsoft.com/default.aspx?scid=kb;EN-US;255602

The escape character in a query is the backslash (\). This is a reserved character, along with * ( ) and NUL. To search for reserved characters as part of an attribute value, you must precede the reserved characters with the escape character and one of the following numeric codes for each reserved character:

*     2a

(     28

)     29

\     5c

NUL   00 

For example, if you want to search for all of the users whose display names end in a close parenthesis character, use the following search:

(&(objectClass=user)(displayName=*\29)) 

Get-QADUser -LdapFilter "(homeDirectory=\5c\5cep0*)" | select name, samaccountname, homeDirectory 

 

More  Example LDAP Filters

http://www.petri.co.il/ldap_search_samples_for_windows_2003_and_exchange.htm

Disabled users

(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2) 

Enabled users

(&(objectCategory=person)(objectClass=user)( !(userAccountControl:1.2.840.113556.1.4.803:=2))) 

https://www.redhat.com/docs/en-US/JBoss_ON/2.3/html/Feature_Guide/sect-Feature_Guide-Server_Configuration-LDAP_Configuration_Properties.html

(|(memberOf=CN=JBoss Administrators,OU=Server Service Accounts,OU=Servers,OU=Information Systems, DC=xyz,DC=com)(memberOf=CN=Development Department,OU=Development,OU=Information Systems,DC=xyz,DC=com))