Article ID: 269181
Some attributes on Active Directory objects are composed of bitwise flags. You may need to query for objects using a bitwise operator to return only objects that match a particular bit being set. Use the Lightweight Directory Access Protocol (LDAP) Matching Rule controls to do this.
The format of the LDAP Matching Rule has the following syntax:
attributename:ruleOID:=valuewhere attributename is the LDAPDisplayName of the attribute, ruleOID is the object ID (OID) for the matching rule control, and value is the decimal value you want to use for comparison. You need to convert from hexadecimal to decimal.
The value of ruleOID can be one of the following:
The following Microsoft Visual Basic sample script uses the above bitwise comparison filter:
For more information on how to use the LDAP Matching Rule, see the Platform Software Development Kit (SDK). This information is found in the Contents at:
For more information on how to use the LDAP Matching Rule, see the samples included in the Platform SDK. These samples are located in the \Microsoft PlatformSDK\Samples\NetDs\ADSI\Samples\ActiveDir\Attributes and SDK\Samples\NetDs\ADSI\Samples\ActiveDir\GetSchemaInfo folders.
Networking and Directory Services Active Directory, ADSI, and Directory Services Active Directory Using Active Directory Searching the Active Directory Creating a Query Filter How to Specify Comparison Values
Article ID: 269181 - Last Review: June 19, 2014 - Revision: 4.0
Retired KB Content Disclaimer
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.