It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Essentials

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

ArchiveOne

PST Enterprise

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Web Security Agent

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen WAN

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Content Shield

Firewall Policy Manager

Data Inspector

Cloud-to-Cloud Backup

Backup

Server Backup (Yosemite)

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

ECHOplatform

Intronis Backup

MSP – Partner Management

MSP Knowledge Base

MSP – Partner Sales Enablement

Link Balancer

NextGen Firewall X

Load Balancer

SSL VPN

Phone System

Cloud Control

Control Server

Campus Help Center / Reference

Support Services

Network Security

Barracuda Email Security Gateway

Overview Documentation Training Certification Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Essentials

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

ArchiveOne

PST Enterprise

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Web Security Agent

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

Reporting Server

CloudGen Firewall

CloudGen WAN

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Content Shield

Firewall Policy Manager

Data Inspector

Cloud-to-Cloud Backup

Backup

Server Backup (Yosemite)

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

ECHOplatform

Intronis Backup

MSP – Partner Management

MSP Knowledge Base

MSP – Partner Sales Enablement

Link Balancer

NextGen Firewall X

Load Balancer

SSL VPN

Phone System

Cloud Control

Control Server

Campus Help Center / Reference

Support Services

Network Security

United States – English (GMT-5)

Back to Knowledgebase

What LDAP filter do we use to reject mail for a disabled user in Active Directory?

Type: Knowledgebase
Date changed: 3 years ago

Solution #00007234

Scope:

Email Security Gateway All Firmwares

Answer:

The normal Active Directory filter that you should use is this

( (proxyaddresses=smtp:$

{recipient_email})(mail=${recipient_email}

)(userPrincipalName=$

{recipient_email})

OR even better this (the shorter you can make your filter and have it still work the better)

( (proxyaddresses=smtp:${recipient_email}

)(mail=$

{recipient_email}))

The above filter with MOST Active Directory LDAP servers will return a valid response for Enabled and Disabled users.

The following filter will return an failure when doing a lookup for a DISABLED Active Directory user.

(&(!(userAccountControl:1.2.840.113556.1.4.803:=2))( (proxyaddresses=smtp:${recipient_email}

)(mail=$

{recipient_email}

)))

Link To This Page:

https://campus.barracuda.com/solution/50160000000uJuVAAU

Additional Resources

Print Share Page