How can I hide contacts that already exist in the XPhone user data source from the AD data source?
or
How can I remove disabled Active Directory contacts from the AD data source / AD connector?
(&(!(memberOf=CN=User,OU=SecurityGroup,DC=DomainName,DC=com))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
The filter means in words: Displayed are all AD users that are not members of the security group "users" and are not disabled.
Help: If you want to specify multiple security groups, line them up first:
(!(memberOf=CN=User,OU=SecurityGroup,DC=DomainName,DC=com))(!(memberOf=CN=User,OU=SecurityGroupTwo,DC=DomainName,DC=com))(!(...))
Copy and replace the X at the beginning in the following filter with this:
(&X(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
Then paste the result as a filter in the data source configuration.
Save the settings. This will recreate the index.
(&(sAMAccountType=805306368)(!userAccountControl:1.2.840.113556.1.4.803:=2))
5. Save the settings and run the connector again.
(Note: If you have edited an existing connector, the connector must run through three times, as only then will users that no longer exist be deleted).