LDAP query to Active Directory
When connecting to Active Directory, use port 3268, which is the Global Catalog (GC). You can only query for attributes that are replicated to the GC. You can configure which attributes are replicated with the schema management utility from the Support Tools.
Authenticate to Active Directory as:
cn=username,cn=users,dc=domain1,dc=domain2
for example:
cn=administrator,cn=users,dc=clearswift,dc=corp
Use your Active Directory password.
To check group memberships, use the "MemberOf" attribute as follows:
MemberOf=cn=Groupname,ou=containername,dc=domain1,dc=domain2
To see a list of attributes available for Active Directory queries, open ADSI Edit, right-click the user object and choose Properties.
You can build "and" and "or" queries as follows:
(|(attribute=a)(attribute=b)) "or" query
(&(attribute=a)(attribute=b)) "and" query
To exclude entries with a particular attribute value, negate a condition with "!":
(!(attribute=value)) "not" query
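
The filter forms above, composed into one query by an added example that is not part of the original page. It escapes values as RFC 4515 requires, so a user-supplied name cannot change the filter's structure. The function names, the sAMAccountName lookup and the "Blocked" group are assumptions made for illustration.

```python
import re

# Characters with special meaning inside an LDAP filter value (RFC 4515).
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
_ATTRIBUTE = re.compile(r"[A-Za-z][A-Za-z0-9-]*")


def escape_value(value):
    """Escape a value so it is always treated as data, never as filter syntax."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def eq(attribute, value):
    """Build (attribute=value) with a validated name and an escaped value."""
    if not _ATTRIBUTE.fullmatch(attribute):
        raise ValueError("invalid attribute name: %r" % attribute)
    return "(%s=%s)" % (attribute, escape_value(value))


def any_of(*filters):
    """The "or" query: (|(a)(b))."""
    return "(|" + "".join(filters) + ")"


def all_of(*filters):
    """The "and" query: (&(a)(b))."""
    return "(&" + "".join(filters) + ")"


def not_(single_filter):
    """The "not" query: (!(a))."""
    return "(!" + single_filter + ")"


def member_filter(username, group_dn, excluded_group_dn):
    """Match a user who is in group_dn and not in excluded_group_dn."""
    return all_of(
        eq("sAMAccountName", username),
        eq("memberOf", group_dn),
        not_(eq("memberOf", excluded_group_dn)),
    )


if __name__ == "__main__":
    # Constructed sample values, following the DN layout shown on this page.
    group = "cn=Groupname,ou=containername,dc=domain1,dc=domain2"
    blocked = "cn=Blocked,ou=containername,dc=domain1,dc=domain2"
    print(member_filter("jdoe", group, blocked))
    # A constructed hostile input stays a literal value after escaping.
    print(eq("sAMAccountName", "*)(cn=*"))
```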