Selectively syncing Disabled or Enabled source AD Users

Created: 2012-04-20 08:09:59
Modified: 2017-05-01 13:25:51
Tags: Active Directory UnitySync

By default, UnitySync will pull both Enabled and Disabled Users from your AD source directory. You may use an Optional LDAP Query Filter to indicate that only Disabled or Enabled should be pulled. This query is based on the value of UserAccountControl.

Enter the following filter syntax in the Users Optional LDAP Filter field on the Source tab to configure your UnitySync connection to pull based on Enabled/Disabled Users status:

  • Pull only disabled accounts:
    (UserAccountControl:1.2.840.113556.1.4.803:=2)

  • Pull only enabled accounts:
    (!(UserAccountControl:1.2.840.113556.1.4.803:=2))

For more information on UserAccountControl refer to our knowledge base article Working with UserAccountControl.

Share this article:
Knowledgebase

Directory
  1. Directify - Self Service

  2. Mimic - Replication

  3. UnitySync - Sync
Password
  1. emPass - Sync
Obsolete
  1. Profiler
  2. SimpleSync