It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

What LDAP filter do we use to reject mail for a disabled user in Active Directory?

  • Type: Knowledgebase
  • Date changed: 3 years ago
Solution #00007234

Email Security Gateway All Firmwares

The normal Active Directory filter that you should use is this
   ( (proxyaddresses=smtp:$

   OR even better this (the shorter you can make your filter and have it still work the better)

   ( (proxyaddresses=smtp:${recipient_email}

The above filter with MOST Active Directory LDAP servers will return a valid response for Enabled and Disabled users.

The following filter will return an failure when doing a lookup for a DISABLED Active Directory user.

   (&(!(userAccountControl:1.2.840.113556.1.4.803:=2))( (proxyaddresses=smtp:${recipient_email}

Link To This Page: