Multiple User Filters

Peter Schober peter.schober at
Fri Apr 15 08:07:51 EDT 2016

* Robert Duncan <Robert.Duncan at> [2016-04-15 14:02]:
> I want to do the same for 3.4.1 in
> idp.authn.LDAP.userFilter= (sAMAccountName={user}, userPrincipalName=(user))
> but I get - failed using filter=[org.ldaptive.SearchFilter at -1949206318::filter=(sAMAccountName={user}, userPrincipalName=(user)), parameters={user=the_user
> probably I need a logical OR in the userFilter has anyone configured
> this?

If what you enter into the properties file becomes an LDAP search filter
you'd need to enter a valid ldap search filter string. The spec
(RFC4515) has examples:
So from your use-case something like:

Note that you had "{user}" once, and "(user)" the second time.

More information about the users mailing list