Instead of specifying only a username field, the use of a filter allows compatibility with a greater variety of LDAP structures - e.g. where including all valid users requires binding to a node that will also include invalid users, the filter can be set to exclude the invalid users.
The default LDAP filter using common name as the username
An example LDAP filter using email address as the username
The Default ActiveDirectory filter uses the Windows login as the username and requires the user to have an object category of person.
An example ActiveDirectory filter still requiring the user to have an object category of person but this time using the primary email address as the username and additionally limited to users in the students security group.
An example where object category is not important and either the email address or the Windows username are accepted as the user ID. Notice the vertical bar used to signify OR at the beginning.
Similar to the above OR example, but this time the objectCategory must be Person again.