Search filters enable you to define search criteria and provide more efficient and effective searches.
These search filters are represented by Unicode strings.
The directory sync utility uses the LDAP query language to gather information from your directory server. The LDAP query language is a flexible standard that supports complex and powerful logical queries.
The following syntax is used in LDAP filters:
For examples of how these operators are used, see the common LDAP queries below.
Common LDAP Queries
The examples below show the most common LDAP queries. These queries are the most common queries used, and are designed to work with most directory server environments.
All objects (this may cause load problems):
All user objects that are designated as a “person”
Distribution Lists only
Public Folders only
All user objects except for ones with primary email addresses that begin with test
All user objects except for ones with primary email addresses that end with test
All user objects except for ones with primary email addresses that contain the word “test”
All user objects (users and aliases) that are designated as a “person” and all group objects (distribution lists)
All user objects that are designated as a “person”, all group objects and all contacts, except those with any value defined for extensionAttribute9:
(&(|(|(&(objectclass=user)(objectcategory=person))(objectcategory=group))(objectclass=contact))(!(extensionAttribute9=*)))
All users, but exclude disabled users:
Active Directory LDAP: All users
Active Directory LDAP: All email users (alternate)
OpenLDAP: All users
Lotus Domino LDAP: All users
Lotus Domino LDAP: All objects with a mail address defined that are designated as a “person “or “group”:
(&(|(objectclass=dominoPerson)(objectclass=dominoGroup)(objectclass=dominoServerMailInDatabase))(mail=*))