AD Search filters
Originally Published: 2019-08-02
Article Number
Applies To
RSA Product/Service Type: Enterprise Software
RSA Version/Condition: 7.0.2
Issue
I tested this issue in 7.0.2 GA - P06 and issue is reproduced when filter query has carriage return.
Cause
Failing Queries
1)
(&(objectCategory=person)
(objectClass=user)
(sAMAccountName=*))
2)
(&(objectCategory=person)(objectClass=user)
(sAMAccountName=*))
3) Below query will fail inside the configuration as well.
(&
(objectCategory=person)
(objectClass=user)
(sAMAccountName=*))
(&(objectCategory=person)(objectClass=user)(sAMAccountName=*)
(|(memberOf=CN=Group-1,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)
(memberOf=CN=Group-2,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)
(memberOf=CN=Group-3,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)
)
)
Resolution
Workaround
To resolve this issue, you can workaround this issue by removing the new line or apply P07 or higher(latest patch for IG&L 7.0.2 is P14)
Below are examples of working vs non-working filter queries as I tested:
Working filters (Where both Tests work fine)
1) (memberOf=CN=Group-1,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)
2) (&(objectCategory=person)(objectClass=user)(sAMAccountName=*)(|(memberOf=CN=Group-3,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)))
3) (&(objectCategory=person)(objectClass=user)(sAMAccountName=*)(|(memberOf=CN=Group-3,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)(memberOf=CN=Group-2,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)))
4) (&(objectCategory=person)(objectClass=user)(sAMAccountName=*)(|(memberOf=CN=Group-1,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)(memberOf=CN=Group-2,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)(memberOf=CN=Group-3,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)(memberOf=CN=Group-4,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)(memberOf=CN=Group-5,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)(memberOf=CN=Group-6,OU=vcloud Users,DC=2k8r2-vcloud,DC=local)))
Related Articles
ManageEngine ADSelfService Plus - RSA Ready Implementation Guide Number of Views Troubleshooting SWIFT Alliance Access with RSA Authentication Manager using RADIUS protocol Number of Views Numeric Token Types in AMIS Calls Number of Views Use Advanced User Search Number of Views IIS command line syntax specifications Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
Don't see what you're looking for?
