Tuesday, June 14, 2011

Searching Active Directory Using DSQUERY and LDAP Query

Here are some useful DSQUERY and LDAP query commands to search Active Directory.  

The following query lists all users with dial-In access permission (allow) in Active Directory: 

Using LDAP custom query - (&(objectClass=User)(objectCategory=Person)(msNPAllowDialin=TRUE))

image

Using DSQUERY command:

Dsquery * -filter ("&(objectClass=User)(objectCategory=Person)(msNPAllowDialin=TRUE)") -attr name

image

The following query lists all enabled user account that have never been logged into before: 

LDAP Query - (&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2)(!lastLogonTimeStamp>=1))

image

Using DSQUERY Command:

dsquery * -filter ("&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2)(!lastLogonTimeStamp>=1))" –limit 0 -attr name description

image

1 comments:

Mein Schwanz hat mich nie mit den Mädchen im Stich gelassen, ich wusste nicht, was ich tun sollte, aber auf der Website https://erektilemed.de/, ich fand Pillen, die nicht scheitern, ich möchte es mit Ihnen teilen.

Post a Comment

Popular Posts

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More