?
Solved

Query for Domain Admins Accounts

Posted on 2006-07-05
8
Medium Priority
?
6,204 Views
Last Modified: 2008-02-01
How do i create a saved query in active directory (Windows 2003) to list all accounts who are member of Domain Admins Group?

Thanks,

JT-
0
Comment
Question by:swhcs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 26

Expert Comment

by:Pber
ID: 17045191
Here's the LDAP syntax:

(&(objectCategory=user)(memberOf=CN=Domain Admins,CN=Users,DC=domain,dc=com))

Change the DC=Domain,DC=com to match your domain name.

Also you might have to change the CN=Users as well if you moved the OU.  Ultimately you have to have the full DN of where the domain admins group lives.

1
 
LVL 26

Expert Comment

by:Pber
ID: 17045246
Maybe some more info is needed...

When creating the saved Query
Select New then Define Query
Select Custom Search from the Find Drop down
Click Advanced and paste the LDAP syntax below:

(&(objectCategory=user)(memberOf=CN=Domain Admins,CN=Users,DC=domain,dc=com))

or just

(memberOf=CN=Domain Admins,CN=Users,DC=domain,dc=com)

0
 

Author Comment

by:swhcs
ID: 17045672
it still doesn't work...i can't even query the list of users belong to a builtin group by using the wizard either.
Here's the syntax to query for domain users arrived from the wizard:
(&(objectCategory=user)(memberOf=Domain Users*))

Any ideas?

Thanks,


0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 26

Expert Comment

by:Pber
ID: 17045727
Mine won't work either if I do it with a wildcard.  I use the full DN.

also make sure your query root is set at the root of the domain.
0
 

Author Comment

by:swhcs
ID: 17045776
We must be missing something here....Any experts out there can help?
0
 
LVL 26

Accepted Solution

by:
Pber earned 150 total points
ID: 17045898
Mine works fine

I have a custom query,
Query root is the root of the domain
Include subcontainers is checked

the LDAP syntax is:

(&(objectCategory=user)(memberOf=CN=Domain Admins,CN=Users,DC=domain,dc=com))

See this:
http://support.microsoft.com/newsgroups/default.aspx?dg=microsoft.public.win2000.active_directory&tid=53c009f1-d052-4946-91ec-d56a2ce1fb4f&p=1
1
 

Author Comment

by:swhcs
ID: 17046279
It's working now using the custom query.
(&(objectCategory=user)(memberOf=CN=Domain Admins,CN=Users,DC=domain,dc=com))

Thanks, Pber
0
 
LVL 26

Expert Comment

by:Pber
ID: 17046652
good to hear
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question