Solved

Query AD

Posted on 2009-05-13
2
286 Views
Last Modified: 2012-05-06
Can someone help me out. I need to run a query against AD. I need to see all users in an OU and need to get back full name, email address, enabled/disabled and exchange store information.
0
Comment
Question by:Y2KBDS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 250 total points
ID: 24377657
I like adfind for this
http://www.joeware.net/freetools/tools/adfind/index.htm
enabled and disabled is part of the userAccountControl attribute. This happens to be an example of a bitmask attribute: a single attribute that actually houses numerous property values so there is no Yes/No column to show that.
What I do is run two queries - one for  enabled and one for disabled
DISABLED
adfind -b "DN of your OU" -bit -f "&(objectcategory=person)(objectclass=user)(useraccountcontrol:AND:2)" samaccountname givenname sn mail -csv > c:\disabledusers.csv
ENABLED -- just add the ! (not) to useraccountcontrol
adfind -b "DN of your OU" -bit -f "&(objectcategory=person)(objectclass=user)(!useraccountcontrol:AND:2)" samaccountname givenname sn mail -csv > c:\enabledusers.csv
Thanks
Mike
0
 
LVL 18

Expert Comment

by:Americom
ID: 24378208
You should be able to get all those info by simply running the "Saved Queries" from Active Directory Users and Computers console. You can save the queries or export them as well.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Here's a look at newsworthy articles and community happenings during the last month.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question