diff --git a/fmt_ldapsearchfilter.c b/fmt_ldapsearchfilter.c
index c82b3b6..a5cd87c 100644
--- a/fmt_ldapsearchfilter.c
+++ b/fmt_ldapsearchfilter.c
@@ -28,7 +28,7 @@ int fmt_ldapsubstring(char* dest,struct Substring* s) {
 }
 
 int fmt_ldapsearchfilter(char* dest,struct Filter* f) {
-  long sum,tmp;
+  long sum,tmp,tmp2=0;
   switch (f->type) {
   case AND: case OR: case NOT:
     sum=fmt_ldapsearchfilter(dest,f->x); break;
@@ -57,5 +57,6 @@ int fmt_ldapsearchfilter(char* dest,struct Filter* f) {
   if (dest) byte_copyr(dest+tmp+1,sum,dest);
   fmt_asn1tag(dest,PRIVATE,CONSTRUCTED,f->type);
   fmt_asn1length(dest+1,sum);
-  return sum+tmp+1;
+  if (f->next) tmp2=fmt_ldapsearchfilter(dest+sum+tmp+1,f->next);
+  return sum+tmp+tmp2+1;
 }
diff --git a/ldap.h b/ldap.h
index 120d0a1..5e4a7b0 100644
--- a/ldap.h
+++ b/ldap.h
@@ -115,6 +115,7 @@ int scan_ldapresult(const char* src,const char* max,long* result,
 		    struct string* matcheddn,struct string* errormessage,
 		    struct string* referral);
 int scan_ldapmodifyrequest(const char* src,const char* max,struct ModifyRequest* m);
+int scan_ldapsearchfilterstring(const char* src,struct Filter** f);
 
 int fmt_ldapstring(char* dest,struct string* s);
 int fmt_ldapmessage(char* dest,long messageid,long op,long len);
diff --git a/ldapclient.c b/ldapclient.c
index fde45d2..f33fdab 100644
--- a/ldapclient.c
+++ b/ldapclient.c
@@ -43,7 +43,7 @@ int main(int argc,char* argv[]) {
 
   if (argc<5) {
 usage:
-    buffer_putsflush(buffer_2,"usage: ldapclient ip baseObject foo=bar baz [buzz...]\n");
+    buffer_putsflush(buffer_2,"usage: ldapclient ip baseObject filter foo [bar...]\n");
     return 0;
   }
   sock=socket_tcp4();
@@ -56,18 +56,16 @@ usage:
     }
   }
   if (ldapbind(sock)) {
-    struct Filter f;
+    struct Filter *f;
     struct AttributeDescriptionList adl;
     struct AttributeDescriptionList *next;
     struct SearchRequest sr;
     int i;
-    f.x=f.next=0;
-    f.type=EQUAL;
-    f.ava.desc.s=argv[3]; f.ava.desc.l=str_chr(argv[3],'=');
-    if (argv[3][f.ava.desc.l] != '=') goto usage;
-    f.ava.value.s=argv[3]+f.ava.desc.l+1; f.ava.value.l=strlen(f.ava.value.s);
-    if (f.ava.value.l==1 && f.ava.value.s[0]=='*') f.type=PRESENT;
-    f.a=0;
+    if (!scan_ldapsearchfilterstring(argv[3],&f)) {
+      buffer_putsflush(buffer_2,"could not parse filter!\n");
+      close(sock);
+      return 1;
+    }
     i=4; /* This should be the first index to an attribute argument in argv[] */
     adl.a.s=argv[i];
     adl.a.l=strlen(argv[i]);
@@ -90,7 +88,7 @@ usage:
     sr.baseObject.s=argv[2]; sr.baseObject.l=strlen(sr.baseObject.s);
     sr.scope=wholeSubtree; sr.derefAliases=neverDerefAliases;
     sr.sizeLimit=sr.timeLimit=sr.typesOnly=0;
-    sr.filter=&f;
+    sr.filter=f;
     sr.attributes=&adl;
     len=fmt_ldapsearchrequest(buf+100,&sr);
     {