Summary:  LDAP authentication examples: 

Filter for the membership of CN=Domain Users, excluding inactive users

 

(&(objectCategory=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))

 

 

(&(mail=KBOX_USER)(&(objectCategory=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2))))

 

 

(|(&(samaccountname=KBOX_USER)(objectCategory=user))(userAccountControl:1.2.840.113556.1.4.803:=2))

 

 

If you make a global security group, here is an example:

 

Search base DN:

DC=ds2net,DC=ds2,DC=com

 

Search filter:

memberof=CN=KACE Admin,OU=DS2 Users And Groups,DC=ds2net,DC=ds2,DC=com