Why do accountExpires and userAccountControl filters in SpringLDAP / plain Java AD queries not work as expected?
I'm using the SpringLDAP API within a Spring-based webapp to query an Active Directory that is hosted on Windows Server 2012. Following are my environment details: Java 1.8.0_101, apache-tomcat-8.0.36, SpringMVC 4.3.1 & SpringLDAP 2.3.1

The following AD filter query fetches the matching accounts in Windows-based (C++/C#-based) query tools (e.g., the Lepide AD Query tool) and also in the LDAP Browser plugin within the Eclipse IDE, BUT does not fetch the matching records/AD accounts when used within Java (JNDI/SpringLDAP API-based) code, and also not in the Java-based application JXplorer:

(&(objectclass=user)(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(accountExpires>=131554368000000000)(userPrincipalName=cgm@*))

I'm trying to get a user account that is ACTIVE, not yet expired as of a given date, and with a userPrincipalName value starting with the string cgm@.

Following is the LDAP configuration within the spring-servlet.xml file:

<util:map id="ldapBaseEnvProps">
    <entry key="java.naming.ldap.attributes.binary" value="objectGUID"/>
</util:map>
<ldap:context-source id="pooledLdapContextSrc" url="ldap://dc.myadserver.com:3268" base="DC=myadserver,DC=com" username="CN=adusername,OU=Mkt-Managers,DC=myadserver,DC=com" password="*****" base-env-props-ref="ldapBaseEnvProps">
    <ldap:pooling max-total="16" max-active="16" max-idle="8" min-idle="0" max-wait="90000" when-exhausted="BLOCK" test-on-borrow="true" test-while-idle="true"/>
</ldap:context-source>

Are such AD filters supported by the Java/SpringLDAP API at all? If yes, what needs to be changed for the above AD query filter to work (fetch the matching AD account(s)) in the Java-based code?

Blacking answered 16/11, 2017 at 14:25 Comment(1)
Please be more specific: what do you mean by "It does not work"? - Aniela

I would suggest using Spring LDAP's query builder object in Java to help you build that query. Your question seems to indicate that you copied that query from your C (Windows) environment into your Java environment.

I would start by building the query with the .where() function in Spring LDAP as used here and seeing if it results in the same error: https://docs.spring.io/spring-ldap/docs/current/apidocs/org/springframework/ldap/query/LdapQueryBuilder.html

Unification answered 20/11, 2017 at 21:26 Comment(0)
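As an added example (not code from either poster), here is the question's filter expressed with Spring LDAP's LdapQueryBuilder, plus the two things a practitioner usually wants alongside it: the FILETIME conversion behind the magic number 131554368000000000, and the Active Directory convention that accountExpires is 0 (or 2^63-1) for accounts that never expire, which a bare accountExpires>=X comparison silently drops. The class name, the helper names and the assumption that the builder passes the attribute name (including the :1.2.840.113556.1.4.803: matching-rule suffix) through unencoded are mine; the LdapTemplate is assumed to be wired to the pooled context source from the question, which already carries the search base.

```java
import java.time.Instant;
import java.util.List;

import org.springframework.ldap.core.AttributesMapper;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.query.LdapQuery;
import org.springframework.ldap.query.SearchScope;

import static org.springframework.ldap.query.LdapQueryBuilder.query;

// Hypothetical helper class (added example, not part of the original post).
public class ActiveUnexpiredUpnSearch {

    // accountExpires is a Windows FILETIME: 100 ns ticks since 1601-01-01T00:00:00Z.
    // Seconds between 1601-01-01 and the Unix epoch 1970-01-01.
    private static final long EPOCH_OFFSET_SECONDS = 11_644_473_600L;

    // ACCOUNTDISABLE bit of userAccountControl.
    private static final String UAC_ACCOUNTDISABLE = "2";

    // LDAP_MATCHING_RULE_BIT_AND; AD evaluates (attr:OID:=mask) as (attr & mask) == mask.
    private static final String BIT_AND_RULE = "1.2.840.113556.1.4.803";

    // Convert a java.time.Instant to the FILETIME integer AD stores in accountExpires.
    static long toFileTime(Instant instant) {
        return (instant.getEpochSecond() + EPOCH_OFFSET_SECONDS) * 10_000_000L
                + instant.getNano() / 100;
    }

    // Reverse mapping, useful for reading accountExpires values back out of a result.
    static Instant fromFileTime(long fileTime) {
        long seconds = fileTime / 10_000_000L - EPOCH_OFFSET_SECONDS;
        long nanos = (fileTime % 10_000_000L) * 100;
        return Instant.ofEpochSecond(seconds, nanos);
    }

    // Enabled user accounts whose expiry is not before 'notBefore' and whose UPN
    // starts with 'upnPrefix'. Mirrors the filter in the question, with the
    // "never expires" encoding (accountExpires = 0) added as an OR branch.
    static LdapQuery buildQuery(Instant notBefore, String upnPrefix) {
        String fileTime = Long.toString(toFileTime(notBefore));
        return query()
            .searchScope(SearchScope.SUBTREE)
            .attributes("userPrincipalName", "accountExpires", "userAccountControl")
            .where("objectClass").is("user")
            .and("objectCategory").is("person")
            // (!(userAccountControl:1.2.840.113556.1.4.803:=2)): not disabled.
            // Assumption: the builder emits the attribute name verbatim, so the
            // matching-rule suffix survives; only the value side is escaped.
            .and("userAccountControl:" + BIT_AND_RULE + ":").not().is(UAC_ACCOUNTDISABLE)
            // accountExpires = 0 means "never expires" in AD and would fail ">=".
            // 9223372036854775807 (the other "never" encoding) already satisfies ">=".
            .and(query().where("accountExpires").is("0")
                        .or("accountExpires").gte(fileTime))
            // LikeFilter keeps '*' as a wildcard but escapes other special characters.
            .and("userPrincipalName").like(upnPrefix + "*");
    }

    // Run the query and return the matching userPrincipalName values.
    static List<String> findUpns(LdapTemplate ldapTemplate, Instant notBefore, String upnPrefix) {
        return ldapTemplate.search(
            buildQuery(notBefore, upnPrefix),
            (AttributesMapper<String>) attrs -> (String) attrs.get("userPrincipalName").get());
    }

    public static void main(String[] args) {
        // 2017-11-18T00:00:00Z is exactly the FILETIME used in the question's filter.
        Instant cutoff = Instant.parse("2017-11-18T00:00:00Z");
        System.out.println("FILETIME for " + cutoff + " = " + toFileTime(cutoff));
        // Print the encoded filter so it can be compared with the one the GUI tools run.
        System.out.println(buildQuery(cutoff, "cgm@").filter().encode());
    }
}
```

Printing the encoded filter before searching is the quickest way to confirm that what Java sends is byte-for-byte what the Windows tools send; if the strings match and the results still differ, the discrepancy lies in the connection (bind identity, search base, or the global catalog port 3268 from the question's configuration) rather than in the filter syntax. Note that the 2^63-1 "never expires" value is unaffected by the comparison, but 0 is, so any date-based expiry check against AD needs the extra OR branch shown above.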
