We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

What LDAP filter do we use to reject mail for a disabled user in Active Directory?

  • Type: Knowledgebase
  • Date changed: 10 months ago
Solution #00007234

Email Security Gateway All Firmwares

The normal Active Directory filter that you should use is this
   ( (proxyaddresses=smtp:$

   OR even better this (the shorter you can make your filter and have it still work the better)

   ( (proxyaddresses=smtp:${recipient_email}

The above filter with MOST Active Directory LDAP servers will return a valid response for Enabled and Disabled users.

The following filter will return an failure when doing a lookup for a DISABLED Active Directory user.

   (&(!(userAccountControl:1.2.840.113556.1.4.803:=2))( (proxyaddresses=smtp:${recipient_email}

Link To This Page: