Active Directory – Useful Permanent Queries in AD Users and Computers

To create permanent quesies in AD,

  1. Open Active Directory Users and Computers (dsa.msc)
  2. Navigate to Saved Queries
  3. Right Click on Saved Queries
  4. Select New
  5. Select Query
  6. Populate the Name and Description with something meaningful.
  7. Select Define Query
  8. Create LDAP query for a list of …
  • All disabled users:
    (objectcategory=user)(userAccountControl:1.2.840.113556.1.4.803:=2)
  • All users whose password never expires:
    (objectcategory=user)(userAccountControl:1.2.840.113556.1.4.803:=65536)
  • All users created after xx/xx/xxxx (01/01/2009)
    (&(objectCategory=user)(whenCreated>=20090101000000.0Z))
  • Must change password at next logon
    (&(ObjectCategory=user)(pwdlastSet=0))
  • Password has expired
    (&(objectcategory=user)(userAccountControl:1.2.840.113556.1.4.804:=8388608))
  • Account is locked out
    (&(objectCategory=user)(userAccountControl:1.2.840.113556.1.4.804:=16))
  • Users who have never logged on
    (&(objectCategory=User)(lastLogon=0))
  • All XP based Operating Systems
    (&(objectCategory=computer)(operatingSystemVersion=5.1*))
  • All Windows 7/2008 R2 based Operating Systems
    (&(objectCategory=computer)(operatingSystemVersion=6.1*))Commonly used LDAP Syntax which can be utilised with the Saved Queries feature.

    &  logical and
    |  logical or 
    !  logical not
    =  equal to
    ~=  approximately equal to
    >= e qual to or greater than
    <=  less than or equal to

    Thanks to Mike Parris – AD MVP …

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: