Scope:
Email Security Gateway All Firmwares
Answer:
The normal Active Directory filter that you should use is this
( (proxyaddresses=smtp:$
{recipient_email})(mail=${recipient_email}
)(userPrincipalName=$
{recipient_email})
OR even better this (the shorter you can make your filter and have it still work the better)
( (proxyaddresses=smtp:${recipient_email}
)(mail=$
{recipient_email}))
The above filter with MOST Active Directory LDAP servers will return a valid response for Enabled and Disabled users.
The following filter will return an failure when doing a lookup for a DISABLED Active Directory user.
(&(!(userAccountControl:1.2.840.113556.1.4.803:=2))( (proxyaddresses=smtp:${recipient_email}
)(mail=$
{recipient_email}
)))
Link To This Page: