Only in .: '
Common subdirectories: ../../modules_ORG/ldap_integration//includes and ./includes
diff -u ../../modules_ORG/ldap_integration//ldapauth.admin.inc ./ldapauth.admin.inc
--- ../../modules_ORG/ldap_integration//ldapauth.admin.inc	2009-07-28 17:03:05.000000000 +0300
+++ ./ldapauth.admin.inc	2009-10-01 17:06:48.000000000 +0300
@@ -218,6 +218,7 @@
       'encrypted' => 0,
       'basedn' => '',
       'user_attr' => LDAPAUTH_DEFAULT_USER_ATTR,
+      'user_filter' => '',
       'mail_attr' => LDAPAUTH_DEFAULT_MAIL_ATTR,
       'binddn' => '',
       'bindpw' => FALSE,
@@ -293,6 +294,15 @@
     '#maxlength' => 255,
     '#description' => t('The attribute that holds the users\' login name. (eg. <em style="font-style: normal; padding: 1px 3px; border: 1px solid #8888CC; background-color: #DDDDFF">cn</em> for eDir or <em style="font-style: normal; padding: 1px 3px; border: 1px solid #8888CC; background-color: #DDDDFF">sAMAccountName</em> for Active Directory).'),
   );
+  $form['login-procedure']['user_filter'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Extra search filter'),
+    '#default_value' => $edit['user_filter'],
+    '#size' => 30,
+    '#maxlength' => 255,
+    '#description' => t('Extra ldap search filter.  Use  <em style="font-style: normal; padding: 1px 3px; border: 1px solid #8888CC; background-color: #DDDDFF">(objectCategory=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)</em> to filter out computer accounts and disabled users. If you give a value here final search filter is combined in form (&"Extra search filter"("UserName attribute"=LOGINNAME")). So user prenthes around your filter.'),
+  );
+
   $form['login-procedure']['mail_attr'] = array(
     '#type' => 'textfield',
     '#title' => t('Email attribute'),
@@ -392,19 +402,19 @@
   switch ($op) {
     case t('Save configuration'):
       if (!isset($values['sid'])) {
-        db_query("INSERT INTO {ldapauth} (name, status, server, port, tls, encrypted, basedn, user_attr, mail_attr, binddn, bindpw, login_php, filter_php) VALUES ('%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s')", $values['name'], 1, $values['server'], $values['port'], $values['tls'], $values['encrypted'], $values['basedn'], trim($values['user_attr']), trim($values['mail_attr']), $values['binddn'], $values['bindpw'], trim($values['login_php']), trim($values['filter_php']));
+        db_query("INSERT INTO {ldapauth} (name, status, server, port, tls, encrypted, basedn, user_attr, user_filter, mail_attr, binddn, bindpw, login_php, filter_php) VALUES ('%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s')", $values['name'], 1, $values['server'], $values['port'], $values['tls'], $values['encrypted'], $values['basedn'], trim($values['user_attr']), trim($values['user_filter']), trim($values['mail_attr']), $values['binddn'], $values['bindpw'], trim($values['login_php']), trim($values['filter_php']));
         drupal_set_message(t('LDAP configuration %name has been added.', array('%name' => $values['name'])));
         watchdog('ldapauth', 'LDAP configuration %name has been added.', array('%name' => $values['name']));
       }
       else {
         if (isset($values['bindpw_clear'])) {
-          db_query("UPDATE {ldapauth} SET name = '%s', server = '%s', port = %d, tls = %d, encrypted = %d, basedn = '%s', user_attr = '%s', mail_attr = '%s', login_php = '%s', filter_php = '%s' WHERE sid = %d", $values['name'], $values['server'], $values['port'], $values['tls'], $values['encrypted'], $values['basedn'], trim($values['user_attr']), trim($values['mail_attr']), trim($values['login_php']), trim($values['filter_php']), $values['sid']);
+          db_query("UPDATE {ldapauth} SET name = '%s', server = '%s', port = %d, tls = %d, encrypted = %d, basedn = '%s', user_attr = '%s', user_filter = '%s', mail_attr = '%s', login_php = '%s', filter_php = '%s' WHERE sid = %d", $values['name'], $values['server'], $values['port'], $values['tls'], $values['encrypted'], $values['basedn'], trim($values['user_attr']), trim($values['user_filter']), trim($values['mail_attr']), trim($values['login_php']), trim($values['filter_php']), $values['sid']);
           if ($values['bindpw_clear']) {
             db_query("UPDATE {ldapauth} SET bindpw = '' WHERE sid = %d", $values['sid']);
           }
         }
         else {
-          db_query("UPDATE {ldapauth} SET name = '%s', server = '%s', port = %d, tls = %d, encrypted = %d, basedn = '%s', user_attr = '%s', mail_attr = '%s', binddn = '%s', bindpw = '%s', login_php = '%s', filter_php = '%s' WHERE sid = %d", $values['name'], $values['server'], $values['port'], $values['tls'], $values['encrypted'], $values['basedn'], trim($values['user_attr']), trim($values['mail_attr']), $values['binddn'], $values['bindpw'], trim($values['login_php']), trim($values['filter_php']), $values['sid']);
+          db_query("UPDATE {ldapauth} SET name = '%s', server = '%s', port = %d, tls = %d, encrypted = %d, basedn = '%s', user_attr = '%s', user_filter = '%s', mail_attr = '%s', binddn = '%s', bindpw = '%s', login_php = '%s', filter_php = '%s' WHERE sid = %d", $values['name'], $values['server'], $values['port'], $values['tls'], $values['encrypted'], $values['basedn'], trim($values['user_attr']), trim($values['user_filter']), trim($values['mail_attr']), $values['binddn'], $values['bindpw'], trim($values['login_php']), trim($values['filter_php']), $values['sid']);
         }
         drupal_set_message(t('LDAP Configuration %name has been updated.', array('%name' => $values['name'])));
         watchdog('ldapauth', 'LDAP Configuration %name has been updated.', array('%name' => $values['name']));
diff -u ../../modules_ORG/ldap_integration//ldapauth.install ./ldapauth.install
--- ../../modules_ORG/ldap_integration//ldapauth.install	2009-07-20 22:35:40.000000000 +0300
+++ ./ldapauth.install	2009-10-01 17:00:21.000000000 +0300
@@ -86,6 +86,10 @@
         'type' => 'varchar',
         'length' => 255,
       ),
+      'user_filter' => array(
+        'type' => 'varchar',
+        'length' => 255,
+      ),
       'mail_attr' => array(
         'type' => 'varchar',
         'length' => 255,
@@ -167,3 +171,13 @@
   return $ret;
 }
 
+function ldapauth_update_6003() {
+  $ret = array();
+  db_add_field($ret, 'ldapauth',  'user_filter', array(
+    'type' => 'varchar',
+    'length' => 255,
+    'default' => '',
+    'not null' => TRUE
+  ));
+  return $ret;
+}
diff -u ../../modules_ORG/ldap_integration//ldapauth.module ./ldapauth.module
--- ../../modules_ORG/ldap_integration//ldapauth.module	2009-07-28 17:03:05.000000000 +0300
+++ ./ldapauth.module	2009-10-01 17:18:22.000000000 +0300
@@ -434,7 +434,8 @@
       continue;
 
     $name_attr = $_ldapauth_ldap->getOption('user_attr') ? $_ldapauth_ldap->getOption('user_attr') : LDAPAUTH_DEFAULT_USER_ATTR;
-    $filter = $name_attr .'='. $login_name;
+    $user_filter = $_ldapauth_ldap->getOption('user_filter') ? $_ldapauth_ldap->getOption('user_filter') : '' ;
+    empty($user_filter) ? $filter = '(' . $name_attr .'='. $login_name . ')' : $filter = '(&' . $user_filter . '(' . $name_attr .'='. $login_name . '))';
     $result = $_ldapauth_ldap->search($base_dn, $filter);
     if (!$result)
       continue;
@@ -503,6 +504,7 @@
     $_ldapauth_ldap->setOption('encrypted', $servers[$sid]->encrypted);
     $_ldapauth_ldap->setOption('basedn', $servers[$sid]->basedn);
     $_ldapauth_ldap->setOption('user_attr', $servers[$sid]->user_attr);
+    $_ldapauth_ldap->setOption('user_filter', $servers[$sid]->user_filter);
     $_ldapauth_ldap->setOption('mail_attr', $servers[$sid]->mail_attr);
     $_ldapauth_ldap->setOption('binddn', $servers[$sid]->binddn);
     $_ldapauth_ldap->setOption('bindpw', $servers[$sid]->bindpw);
Common subdirectories: ../../modules_ORG/ldap_integration//translations and ./translations
Only in .: user_search_filter.patch