Solved

Query AD

Posted on 2009-05-13
2
237 Views
Last Modified: 2012-05-06
Can someone help me out. I need to run a query against AD. I need to see all users in an OU and need to get back full name, email address, enabled/disabled and exchange store information.
0
Comment
Question by:Y2KBDS
2 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 250 total points
ID: 24377657
I like adfind for this
http://www.joeware.net/freetools/tools/adfind/index.htm
enabled and disabled is part of the userAccountControl attribute. This happens to be an example of a bitmask attribute: a single attribute that actually houses numerous property values so there is no Yes/No column to show that.
What I do is run two queries - one for  enabled and one for disabled
DISABLED
adfind -b "DN of your OU" -bit -f "&(objectcategory=person)(objectclass=user)(useraccountcontrol:AND:2)" samaccountname givenname sn mail -csv > c:\disabledusers.csv
ENABLED -- just add the ! (not) to useraccountcontrol
adfind -b "DN of your OU" -bit -f "&(objectcategory=person)(objectclass=user)(!useraccountcontrol:AND:2)" samaccountname givenname sn mail -csv > c:\enabledusers.csv
Thanks
Mike
0
 
LVL 18

Expert Comment

by:Americom
ID: 24378208
You should be able to get all those info by simply running the "Saved Queries" from Active Directory Users and Computers console. You can save the queries or export them as well.
0

Join & Write a Comment

Companies that have implemented Microsoft’s Active Directory need to ensure that the Active Directory is configured and operating properly. If there are issues found and not resolved, it eventually leads the components to fail or stop working and fi…
Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now